Re: SAML MS365 Sign-in not opening

smedina · ‎04-09-2024

I'm tiring to set up MFA for out VPN I am using the MS365 Tutorial: Microsoft Entra single sign-on (SSO) integration with Cisco AnyConnect - Microsoft Entra ID | Microsoft Learn and Cisco Configure ASA AnyConnect VPN with Microsoft Azure MFA through SAML - Cisco. but when I try to login a user, I don't get the sign-in page I only get an AnyConnect popup (I've attached the popup.)

We do have different connection profile that is active, and its authentication is set to "certificate only" using the local server. That profile is active and dose work. Would having two different methods cause issues? I have also it set to allow the user to select the profile they want to use and when the SAML one is selected I don't get the MS sing-in page only a cisco login.

I have checked multiple times with both of the above documents that my setting are what they should be, so I'm just lost.

smedina · ‎04-09-2024

I didn't see the attached file so I'm including it here.

Marvin Rhoads · ‎04-10-2024

Do your webvpn and tunnel-group sections of your running-config show the expected values according to what you have configured? the Cisco article is the correct one an it shows expected typical output.

smedina · ‎04-10-2024

Thanks for the reply! I ran a show run and looked for the webvpn data. from what I saw it seems to all be correct. ill include a screen grab of the data.

Just to be sure i logged onto my Azure portal to check the idp and sign-in/out information.