Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
10354
Views
10
Helpful
2
Replies

SAML External Browser with ASA 9.14 and Anyconnect 4.10

Scottish_ITtech
Level 1
Level 1

‎03-02-2022 04:50 AM

Hi,

 

Should Anyconnect 4.10 on ASA 9.14 be able to use an external browser for SAML authentication?

 

We have SAML working but only through the embedded browser which doesn't support Yubikey or Windows Hello.

 

If it should support it, can you advise how to enable?

1 person had this problem
Labels:
2 Replies 2

Milos_Jovanovic
VIP Alumni
VIP Alumni

‎03-11-2022 02:52 PM

Hi @Scottish_ITtech,

No, it will not work, as support for External Browser came with 9.17(1). You'll have to upgrade to newer release before you can try it.

I haven't teted this myself yet, but here is the configuration explanation.

BR,

Milos

0 Helpful

Marcelo Morais
VIP
VIP

‎12-12-2022 02:16 PM

Hi @Scottish_ITtech ,

 although it's an old topic, I would like to add the following:

1. from AnyConnect 4.6 to AnyConnect 4.10.03104 an enhanced version of SAML integration with an Embedded Browser has replaced the Native (External) Browser Integration from previous releases.
2. AnyConnect 4.10.04065 supports AnyConnect VPN SAML External Browser (as an optional add-on, via the External Browser Package external-sso-4.10.04065-webdeploy-k9.pkg)
3. since AnyConnect 4.10.04071 you don't need the External Browser Package
4. since AnyConnect 4.10.05095, on Windows, the AnyConnect Embedded Browser is Microsoft Edge WebView2
5. for SAML External Browser use, you MUST perform configuration using:
. ASA 9.17.1+ (via CLI command external-browser enable in the config-tunnel-webvpn mode)
. ASDM 7.17.1+
. FDM 7.1+

Hope this helps !!!

0 Helpful
Customers Also Viewed These Support Documents