https://community.cisco.com/t5/network-access-control/ise-and-vpn-with-2-factor/m-p/3503271#M539321 <HTML><HEAD></HEAD><BODY><P>customer has an ASA VPN setup with two auth methods, initial UN/PWD then two factor…they want to know if ISE will still be able to work and do dACL push based on specific AD attributes if they have the two methods of AUTH enabled on the ASA, I couldn’t find that anywhere</P></BODY></HTML> Mon, 28 Mar 2016 15:50:20 GMT shaunwhi 2016-03-28T15:50:20Z https://community.cisco.com/t5/network-access-control/ise-and-vpn-with-2-factor/m-p/3503271#M539321 <HTML><HEAD></HEAD><BODY><P>customer has an ASA VPN setup with two auth methods, initial UN/PWD then two factor…they want to know if ISE will still be able to work and do dACL push based on specific AD attributes if they have the two methods of AUTH enabled on the ASA, I couldn’t find that anywhere</P></BODY></HTML> Mon, 28 Mar 2016 15:50:20 GMT https://community.cisco.com/t5/network-access-control/ise-and-vpn-with-2-factor/m-p/3503271#M539321 shaunwhi 2016-03-28T15:50:20Z https://community.cisco.com/t5/network-access-control/ise-and-vpn-with-2-factor/m-p/3503272#M539322 <HTML><HEAD></HEAD><BODY><P>I am no expert on ASA multi authentications, but I believe you would likely need ISE to proxy the 2nd auth (OTP) and then have ISE performing the AD lookups.</P></BODY></HTML> Tue, 29 Mar 2016 16:05:06 GMT https://community.cisco.com/t5/network-access-control/ise-and-vpn-with-2-factor/m-p/3503272#M539322 hslai 2016-03-29T16:05:06Z