Client vpn federated connection

Question

Guys, good afternoon!

Need help!

I'm doing a SAML integration between aws and google, to connect the aws vpn client with federated authentication, but I'm getting a 403 error, I've reviewed all the settings, and it doesn't work, when I configure it to use the Identity Center it works normally authenticating through google and accessing the console, but using the vpn client connection, it returns a 403 error whenever it tries to open the login screen to connect to the vpn.

Has anyone experienced this problem?

403 That’s an error.
Error: app_not_configured_for_user
Service is not configured for this user.
Request Details

Answer

Hello,

Above mentioned error is related to the incorrect configuration on IDP side.

If google does not have SAML application for AWS client VPN  on your google.

To create a SAML-based app using an IdP that's not listed in the preceding table, use the following information to configure the AWS Client VPN service provider information.

**Assertion Consumer Service (ACS) URL: http://127.0.0.1:35001

**Audience URI: urn:amazon:webservices:clientvpn

The following attribute is required.
Attribute 	Description
memberOf 	The group or groups that the user belongs to.

Attributes are case-sensitive, and must be configured exactly as specified.

Client vpn federated connection

관련 콘텐츠