cancel
Showing results forย 
Search instead forย 
Did you mean:ย 

SAML SSO - Anyconnect Cisco Meraki

nmousselli
Novitiate I

Has anyone had any success using Jumpcloud's SAML connector to authenticate to Anyconnect on Cisco Meraki?   When trying to log in I get an error on Anyconnect saying "Authentication failed due to problem navigating to the single sign-on URL." and in the Cisco Meraki logs an error saying No SAMLREsponse in assertion as below.  I've tried it with OKTA and the same settings and it works fine.  So there is something with the response that Jumpcloud is giving and can't figure it out.

AnyConnect VPN general event          msg: SAML: No SAMLResponse in assertion

4 REPLIES 4

BenGarrison
JumpCloud Alumni
JumpCloud Alumni

Sounds like a possible certificate issue. Looking at the documentation it seems pretty straight forward. If you're using a custom SAML app, make sure assertion is enabled.

Hi Ben,

Thanks for the reply.  I do have sign assertion enabled and using the default cert on Meraki Anyconnect which is the same setup I used with Okta.  If I upload jumpcloud's cert to Anyconnect then I would be required to issue it on all devices that are connecting which is not the intended setup.  It also doesn't seem to help. 

Might need to get this to JumpCloud support so that they can look at logs and configurations to possible assist here. support@jumpcloud.com woud be the next step in this situation. Unless anyone on the community here can offer P2P advise for that integration. 

JuergenKlaassen
Rising Star III
Rising Star III

Hi

To my knowledge... SAML as an authentication type for AnyConnect with a Meraki MX isn't supported as of now. 
It's either Radius, AD or Meraki's internal users.

With RADIUS against JumpCloud works fine though and there's a KB about it as well. 
I can confirm that it's working with MFA enabled as well. 

You Might Like

New to the site? Take a look at these additional resources:

Community created scripts

Keep up with Product News

Read our community guidelines

Ready to join us? You can register here.