09-11-2019 04:39 PM
Hi all,
I am trying to use ISE to implement multi-factor authentication for VPN users. I know the easiest way to do this is to use the secondary authentication in ASA in order to use two different identity stores and perform multi-factor authentication (I can point the primary authentication to ISE and the secondary authentication to a token server like RSA) however I would like to use ISE as the central point for authentication. Is it possible for ISE to perform Multi-factor authentication for example do a first authentication using the local database and perform a secondary authentication using a token server without enabling the secondary authentication feature in ASA?
Any comments are really appreciated.
Regards!
09-12-2019 04:53 AM
09-12-2019 09:31 AM
Thanks Nidhi, is there a way that ISE can authenticate a user using 2 different Identity stores at the same time? for example authenticate the user against the internal data base and at the same time authenticate against an external data base and only if the user is successfully authenticated against the 2 identity stores allow access?
Regards!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide