EasyManuals Logo

Cisco ASA 5512-X Cli Configuration Guide

Cisco ASA 5512-X
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1829 background imageLoading...
Page #1829 background image
1-21
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring Clientless SSL VPN
Using Single Sign-on with Clientless SSL VPN
Optionally, in addition to these required tasks, you can do the following configuration tasks:
• Configure the authentication request timeout (the request-timeout command)
• Configure the number of authentication request retries (the max-retry-attempts command)
Restrictions
• SAML SSO is supported only for clientless SSL VPN sessions.
• The ASA currently supports only the Browser Post Profile type of SAML SSO Server.
• The SAML Browser Artifact method of exchanging assertions is not supported.
Detailed Steps
This section presents specific steps for configuring the ASA to support SSO authentication with SAML
Post Profile. To configure SSO with SAML-V1.1-POST, perform the following steps:
Command Purpose
Step 1
webvpn
Switches to webvpn configuration mode.
Step 2
sso-server with the type option
Example:
hostname(config)# webvpn
hostname(config-webvpn)# sso-server sample type
SAML-V1.1-post
hostname(config-webvpn-sso-saml)#
Creates an SSO server.
Creates an SSO server named Sample of type
SAML-V1.1-POST.
Step 3
sso saml
Switches to webvpn-sso-saml configuration mode.
Step 4
assertion-consumer-url
Example:
hostname(config-webvpn-sso-saml)#
assertion-consumer-url http://www.example.com/webvpn
hostname(config-webvpn-sso-saml)#
Specifies the authentication URL of the SSO server.
Sends authentication requests to the URL
http://www.Example.com/webvpn.
Step 5
a unique string
Example:
hostname(config-webvpn-sso-saml)# issuer myasa
hostname(config-webvpn-sso-saml)#
Identifies the ASA itself when it generates
assertions. Typically, this issuer name is the
hostname for the ASA.
Step 6
trust-point
hostname(config-webvpn-sso-saml)# trust-point
mytrustpoint
Specifies the identification certificate for signing the
assertion.
Step 7
(Optional)
request-timeout
Example:
hostname(config-webvpn-sso-saml)# request-timeout 8
hostname(config-webvpn-sso-saml)#
Configures the number of seconds before a failed
SSO authentication attempt times out.
Sets the number of seconds before a request times
out to 8. The default number of seconds is 5, and the
possible range is 1 to 30 seconds.

Table of Contents

Other manuals for Cisco ASA 5512-X

Preview: Quick Start Guide
Quick Start Guide14 pages
Preview: Configuration Guide
Configuration Guide428 pages
Preview: Hardware Installation Guide
Hardware Installation Guide74 pages
Preview: Software Guide
Software Guide37 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA 5512-X and is the answer not in the manual?

Cisco ASA 5512-X Specifications

General IconGeneral
Firewall Throughput1.2 Gbps
VPN Throughput200 Mbps
Maximum VPN Peers250
Integrated IPSYes
IPS Throughput250 Mbps
RAM4 GB
Power SupplyAC, 100-240V
Security Contexts2 (Standard), 50 (with Security Contexts license)
Interfaces6 x Gigabit Ethernet
Dimensions (H x W x D)1.75 x 17.5 x 14.5 inches
Weight16 lbs

Related product manuals