Content translations are temporarily unavailable due to site maintenance. We apologize for any inconvenience. Visit our blog to learn more.
01-02-2025 09:37 AM
A few months ago, a failure occurred with SAML authentication configured between Azure and Palo Alto for firewall management. It is believed to have arisen from a flaw that occurred with Microsoft in late October and early November.
The issue is that the SSO works in even takes you to Microsoft authentication with their MFA and such and it redirects to the ACS URL (https://my ip:443/SP/ACS) and shows that the page was not found with a 404 error. Tried reloading the configuration or the XML with the metadata to Palo Alto but still the same problem. Created a new SAML auth and authentication profile, but everything remains the same. From the Azure side it is seen that the authentication is allowed as well as the MFA validation with the mobile app used for it and following the Microsoft and Palo Alto documentation, the configuration is correct. The reason for the failure is unknown and from the Palo Alto side the traces are limited, only the client redirection to the Microsoft URL for validation via SAML is seen.
Translated with DeepL.com (free version).
Does anybody know about this problem? The firmware in Palo Alto is 11.1.4-h1
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
