This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 86%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Hello I'm trying to configure multiple ASA VPN profiles to use Azure MFA. I have configured the first profile successfully but can't get a second profile to work. The ASA requires a different Azure AD Identifier for the profile to work with different certificates. When creating a new Enterprise application for Cisco Anyconnect the Azure AD Identifier is the same. Is there a way to change this or have multiple ASA VPN profiles working with Azure MFA? I reached out to Cisco TAC and they said I needed to contact Microsoft about this.
I'm not understanding. On my ASA I have the option for Authentication Method set as SAML and a AAA Server group. I also have a SAML Identity Provider configured. I don't see were there is a primary or secondary authentication method. Is this configuration on the Azure side in the AnyConnect application?
I figured it out. You use multiple AnyConnect profiles in Azure but have to upload your own certificate to each AnyConnect profile. The cert has to be the same in all profiles. There is an article on Cisco's site that explains it.
I figured it out. You use multiple AnyConnect profiles in Azure but have to upload your own certificate to each AnyConnect profile. The cert has to be the same in all profiles. There is an article on Cisco's site that explains it.