Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
468
Views
0
Helpful
0
Replies

ISE : Authentication for IKEv2

gthjohansson
Level 4
Level 4

‎12-14-2012 02:41 PM - edited ‎03-10-2019 07:53 PM

Just to check if anyone might be able to assist me regarind an issue that I am trying to work out a solution for.

My Requirements are: Multitenant deployment using ASR1K with IKEv2 vpn authenticated with ISE or ACS and user databases in most cases will be in Active Directory. And authentication has to be with User and Password.

EAP-MD5: does not work with LDAP integration with Active directory, it does however work in Radius proxy mode but security level of password storage in AD has to be degrated alot by allowing AD to store reversible passwords.

EAP-GTC: As far as I understand from everything I read, this might be the holy grail for U/P authentication for IKEv2. But in ISE and ACS EAP-GTC is only supported as an inner method in PEAP and EAP-FAST will this change in the near future ?

And is there possibly something else that I am missing which might be a solution to this design criteria ?

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents