Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2741
Views
4
Helpful
11
Replies

ASDM OTP with RSA SecureID

gilad.hinberger
Level 1
Level 1

‎09-03-2013 05:57 AM - edited ‎03-10-2019 08:51 PM

Trying to setup AAA OTP with ASA and RSA SecureID.

Works great for CLI/SSH access, but when I'm trying to use it for ASDM, it failed, and I'm getting REUSE ATTACK error on the RSA server.

I tried with Radius and SDI, same results.

Any ideas?

2 people had this problem
Labels:
0 Helpful
11 Replies 11

gilad.hinberger
Level 1
Level 1

‎09-05-2013 02:35 AM

So nobody is using the RSA SecureID OTP tokens to authenticate to the Cisco ASA?

Seems like the ASDM is trying to authenticate several times to the RSA, using the same password,

And that what cause the problem... Apparently this have something to do with the way Java is working.

Anyone?

0 Helpful

Jatin Katyal
Cisco Employee
Cisco Employee

‎09-05-2013 06:43 AM

Hi Gilad,

Actually lots of people love to use it however there is some limitation with this feature. Here is something I wrote on this topic a couple of weeks ago. You may be intrested to go through this article:

https://supportforums.cisco.com/docs/DOC-35214

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin
0 Helpful

gilad.hinberger
Level 1
Level 1
In response to Jatin Katyal

‎09-06-2013 01:39 AM

Hi Jatin,

Thanks for the reply, but my problem is completely different...

I'm trying to implement the RSA SecurID authentication with an ASA already running in a single routed mode.

The combination works great with SSH access, but with the ASDM, the RSA server recognise it as REUSE

Attack, and eventually block the token...

0 Helpful

Jatin Katyal
Cisco Employee
Cisco Employee
In response to gilad.hinberger

‎09-06-2013 04:21 AM

What version of ASA and ASDM are you running?

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin
0 Helpful

gilad.hinberger
Level 1
Level 1
In response to Jatin Katyal

‎09-06-2013 05:05 AM

Latest versions:

ASA - 9.1(2)

ASDM - 7.1(3)

0 Helpful

PREMYSL KOPECKY
Level 1
Level 1

‎10-03-2013 04:05 AM

I have same issue with OTP when using ASDM.

When I attempting to connect to an ASM, many authentication requests is generated quickly (usualy about seven) to lock user account.

CS ACS 4.2(1)

ASA Version: 8.4(5) (SINGLE ROUTED MODE)

ASDM Version: 7.0(2)

OTP - CRYPTOCard/SafeNet

Regards

Premysl Kopecky

0 Helpful

gilad.hinberger
Level 1
Level 1
In response to PREMYSL KOPECKY

‎10-04-2013 03:36 AM

The best explanation I managed to find so far:

https://supportforums.cisco.com/thread/215792

That was more than 6 years ago, and they still didn't manage to make it work

PREMYSL KOPECKY
Level 1
Level 1
In response to gilad.hinberger

‎10-04-2013 06:05 AM

Hi Gilad,

ASDM behaves exactly as described.

Just I do not know why Cisco declare:

http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.html#wp481365

New Features for ASA Version 8.2(1):One Time Password Support for ASDM Authentication.
Released: May 6, 2009

Regards
Premysl

0 Helpful

Jatin Katyal
Cisco Employee
Cisco Employee
In response to PREMYSL KOPECKY

‎10-04-2013 02:29 PM

Guys:

Can we troubleshoot this issue live and report back with some debugs/logs.

Let me know.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin
0 Helpful

PREMYSL KOPECKY
Level 1
Level 1
In response to Jatin Katyal

‎10-17-2013 12:49 PM

Hi Jatin,

I tried to login to an ASA via telnet/ASDM with password/OTP.

There are some logs (enclosed):

Best regards

Premysl Kopecky

     

P.S.: Bug "CSCuf91463 - ASDM resending the same passcode during OTP authentication - failing it" describes workaround for ASDM OTP.

Preview file
1914 KB
0 Helpful

ggozzi
Level 1
Level 1
In response to Jatin Katyal

‎09-27-2018 03:26 AM

Hi

I've the same problem

Are there any news about?

Regards

Gianluca

0 Helpful
Customers Also Viewed These Support Documents