25,120 questions
SAML architecture for Cisco Anyconnect
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 53%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESB%3C/text%3E%3C/svg%3E)
Sean Byrne
86
Reputation points
our customer is using Cisco Anyconnect for remote access
the authentication method is SAML
I am using an ASAv as the Service Provider
I have reviewed a number of documents to find the solution and below is my understanding with the gaps in my knowlegde
1 on the ASA create Trustpoints and import the cert generated from the Azure platform
2 on the ASA generate a cert & upload to Azure
3 use sign on and sign out URL
4 create an IdP url
5 extract information from the show .. metadata output on the ASAv and export to the Azure platform
I do not have access to the customer Azure portal
Q is there any documentation available for generating the sign on /sign out url ?
Q is there any documentation guidance on creating an IdP url
Microsoft Security | Microsoft Entra | Microsoft Entra ID
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Marilee Turscak-MSFT 37,206 Reputation points Microsoft Employee Moderator2022-08-16T00:03:43.347+00:00 Hi @Sean Byrne ,
If you are integrating Cisco AnyConnect with Azure AD and controlling from Azure AD who has access to Cisco AnyConnect, you will need to have access to the Azure portal itself. It looks like the URL pattern should follow the one in this screenshot from the Basic SAML Configuration section:
It would help to know which guide you are following to gain further context.
Sign in to comment
Sign in to answer