Cisco ASA Series Cli Configuration Manual page 1826
Software version 9.0 for the services module
Hide thumbs
Also See for ASA Series:
- Configuration manual (429 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
Using Single Sign-on with Clientless SSL VPN
Configuring SSO Authentication Using SiteMinder
This section describes configuring the ASA to support SSO with SiteMinder. You would typically
choose to implement SSO with SiteMinder if your website security infrastucture already incorporates
SiteMinder. With this method, SSO authentication is separate from AAA and happens once the AAA
process completes.
Prerequisites
•
•
•
Optionally, you can do the following configuration tasks in addition to the required tasks:
•
•
Restrictions
If you want to configure SSO for a user or group for clientless SSL VPN access, you must first configure
a AAA server, such as a RADIUS or LDAP server. You can then set up SSO support for clientless SSL
VPN.
Detailed Steps
This section presents specific steps for configuring the ASA to support SSO authentication with CA
SiteMinder. To configure SSO with SiteMinder, perform the following steps:
Command
Step 1
webvpn
Step 2
sso-server with the type option
Example:
hostname(config)# webvpn
hostname(config-webvpn)# sso-server Example type
siteminder
hostname(config-webvpn-sso-siteminder)#
Step 3
config-webvpn-sso-siteminder
Step 4
web-agent-url
Example:
hostname(config-webvpn-sso-siteminder)#
web-agent-url http://www.Example.com/webvpn
hostname(config-webvpn-sso-siteminder)#
Cisco ASA Series CLI Configuration Guide
1-18
Specifying the SSO server.
Specifying the URL of the SSO server to which the ASA makes SSO authentication requests.
Specifying a secret key to secure the communication between the ASA and the SSO server. This key
is similar to a password: you create it, save it, and enter it on both the ASA and the SiteMinder Policy
Server using the Cisco Java plug-in authentication scheme.
Configuring the authentication request timeout.
Configuring the number of authentication request retries.
Chapter 1
Configuring Clientless SSL VPN
Purpose
Switches to webvpn configuration mode.
Creates an SSO server.
Creates an SSO server named Example of type
siteminder.
Switches to site minder configuration mode.
Specifies the authentication URL of the SSO server.
Sends authentication requests to the URL
http://www.Example.com/webvpn.
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
