SSLVPN Client and SAML "...not allowed by admin"

jghms · March 27

Having upgraded to 12.11.1 and using 12.11 SSLVPN client and configuration, I'm trying to test SAML authentication with Entra ID as detailed in "Microsoft Entra ID SAML Authentication with Firebox Mobile VPN with SSL Integration" (https://www.watchguard.com/help/docs/help-center/en-US/Content/Integration-Guides/General/azure-saml_ssl-vpn.html?tocpath=Self-Help Tools|Integration Guides|General|_____1).

The error I receive is "FWStatus, ACS: SSLVPN user < user@domain.com> not allowed by admin, pri=3, proc_id=samld, msg_id="

Any ideas or suggestions appreciated.

Hero · March 29

https://www.boc.de/watchguard-info-portal/2024/11/howto-mobile-sslvpn-mit-microsoft-entra-und-2fa/#more-25770

jghms · March 29

@Hero said:
https://www.boc.de/watchguard-info-portal/2024/11/howto-mobile-sslvpn-mit-microsoft-entra-und-2fa/#more-25770

Thanks for this. It's a slightly different document than the one I followed. I checked my steps, and everything looked right. I decided to redo the firebox authentication anyway. After doing so, it started working. I must have had a typo or a trailing space in there somewhere.

I appreciate your help.

SSLVPN Client and SAML "...not allowed by admin"

Comments