The device has been updated to ASA 9.17 firmware or later.The ASA SAML login experience supports use of Duo WebAuthn authentication methods like Touch ID and security keys for An圜onnect client logins under the following conditions:
#MAC IPSECURITAS CISCO ASA ANDROID#
Trusted Endpoints detection on Android does not rely on certificates, so there is no dependency on a specific An圜onnect app version. Trusted Endpoints Supportĭuo Beyond customers should be aware of these An圜onnect client minimum version requirements for Duo's Trusted Endpoints certificate detection. Add Duo protection to earlier ASA versions with our ASA LDAPS SSL VPN or ASA RADIUS with An圜onnect configurations.įamiliarize yourself with the limitations of ASA SAML 2.0 authentication by reviewing the Use Single Sign-On with Clientless SSL VPN documentation in the Cisco ASA Series VPN CLI Configuration Guide.
Prior versions of ASA firmware and An圜onnect do not support SAML login or use a different browser experience. Minimum Supported ASA and An圜onnect VersionsĬisco ASA SSO requires ASA version of 9.7.1.24, 9.8.2.28, 9.9.2.1, or higher of these releases, or 9.10 and later, plus An圜onnect 4.6 or later. Primary and Duo secondary authentication occur at the identity provider, not at the ASA itself.
This deployment option requires that you have a SAML 2.0 identity provider (IdP) in place that features Duo authentication, like Duo Single Sign-On. Overviewĭuo's SAML SSO for ASA supports inline self-service enrollment and the Duo Prompt for An圜onnect and web-based SSL VPN logins. Add two-factor authentication and flexible security policies to Cisco ASA An圜onnect SSO logins with Duo Single-Sign On, our cloud-hosted SAML 2.0 identity provider, complete with inline self-service enrollment and Duo Prompt.
0 kommentar(er)
