Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
869
Views
5
Helpful
2
Replies

ISE VPN multifactor authentication

vmadriga
Cisco Employee
Cisco Employee

‎09-11-2019 04:39 PM

Hi all,

 

I am trying to use ISE to implement multi-factor authentication for VPN users. I know the easiest way to do this is to use the secondary authentication in ASA in order to  use two different identity stores and perform multi-factor authentication (I can point the primary authentication to ISE and the secondary authentication to a token server like RSA) however I would like to use ISE as the central point for authentication. Is it possible for ISE to perform Multi-factor authentication for example do a first authentication using the local database and perform a secondary authentication using a token server without enabling the secondary authentication feature in ASA?

Any comments are really appreciated. 

 

Regards!

 

 

1 person had this problem
0 Helpful
2 Replies 2

Nidhi
Cisco Employee
Cisco Employee

‎09-12-2019 04:53 AM

we have some references mentioned here for 2FA with ASA and ISE.

Thanks,

Nidhi

0 Helpful

vmadriga
Cisco Employee
Cisco Employee
In response to Nidhi

‎09-12-2019 09:31 AM

Thanks Nidhi, is there a way that ISE can authenticate a user using 2 different Identity stores at the same time? for example authenticate the user against the internal data base and at the same time authenticate against an external data base and only if the user is successfully authenticated against the 2 identity stores allow access?

Regards!

 

Customers Also Viewed These Support Documents