Configuring Sso Authentication Using Siteminder - Cisco FirePOWER ASA 5500 series Configuration Manual
Security appliance command line
Hide thumbs
Also See for FirePOWER ASA 5500 series:
- Datasheet (20 pages) ,
- Configuration manual (1140 pages)
Table of Contents
Advertisement
Chapter 37
Configuring WebVPN
hostname(config)# username Anyuser attributes
hostname(config-username)# webvpn
hostname(config-username-webvpn)# auto-signon allow ip 10.1.1.1 255.255.255.0 auth-type
basic
Configuring SSO Authentication Using SiteMinder
This section describes configuring the security appliance to support SSO with SiteMinder. You would
typically choose to implement SSO with SiteMinder if your website security infrastucture already
incorporates SiteMinder. With this method, SSO authentication is separate from AAA and happens once
the AAA process completes. If you want to configure SSO for a WebVPN user or group, you must first
configure a AAA server, such as a RADIUS or LDAP server. You can then setup SSO support for
WebVPN. This section includes:
•
•
•
Task Overview: Configuring SSO with Siteminder
This section presents an overview of the tasks necessary to configure SSO with SiteMinder SSO. These
tasks are:
•
•
•
In addition to these required tasks, you can optionally do the following configuration tasks:
•
•
After you have completed the configuration tasks, you assign an SSO server to a user or group policy.
Detailed Tasks: Configuring SSO with Siteminder
This section presents specific steps for configuring the security appliance to support SSO authentication
with CA SiteMinder. To configure SSO with SiteMinder, perform the following steps:
In webvpn configuration mode, enter the sso-server command with the type option to create an SSO
Step 1
server. For example, to create an SSO server named Example of type siteminder, enter the following:
hostname(config)# webvpn
hostname(config-webvpn)# sso-server Example type siteminder
hostname(config-webvpn-sso-siteminder)#
Note
The security appliance currently supports only the SSO server type siteminder.
Step 2
Enter the web-agent-url command in webvpn-sso-siteminder configuration mode to specify the
authentication URL of the SSO server. For example, to send authentication requests to the URL
http://www.Example.com/webvpn, enter the following:
OL-10088-01
Task Overview: Configuring SSO with Siteminder
Detailed Tasks: Configuring SSO with Siteminder
Adding the Cisco Authentication Scheme to SiteMinder
Specifying the SSO server.
Specifying the URL of the SSO server to which the security appliance makes SSO authentication
requests.
Specifying a secret key to secure the communication between the security appliance and the SSO
server. This key is similar to a password: you create it, save it, and enter it on both the security
appliance and the SiteMinder Policy Server using the Cisco Java plug-in authentication scheme.
Configuring the authentication request timeout.
Configuring the number of authentication request retries.
Cisco Security Appliance Command Line Configuration Guide
Getting Started with WebVPN
37-7
Advertisement
Table of Contents
Troubleshooting
