06-14-2019 07:18 AM
Hello everybody,
I have a customer who wants to implement an anyconnect VPN with 2FA through OKTA. He has an ASA, ISE and they want to include the okta server in this deployment, but I don't know exactly what are the requirements and what are the connections we have to do. I was thinking about a connection between ASA - ISE - OKTA - AD, but I'm not pretty sure if this is correct. I have read this document https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/BYOD_Design_Guide/BYOD_Remote_Device_Access.pdf but it shows the connection with RSA and it not shows a completely configuration and deployment. I've been searching on the web but only found ISE+OKTA for wireless authentication, or ASA - ISE -DUO - AD, but I think DUO uses a different way for connection and communication. I was wondering if you guys can help me with information about this topic or if you know how to implement this.
Thank you so much in advance.
Solved! Go to Solution.
07-01-2019 09:23 PM - edited 07-01-2019 09:24 PM
Okta MFA for Cisco VPN is what I found at the vendor site. And, it has Okta MFA for Cisco VPN Integration Guide
06-16-2019 07:35 AM
We have this integration guide with OKTA
https://community.cisco.com/t5/security-documents/notes-on-okta-as-saml-idp/ta-p/3644284
06-16-2019 11:15 AM
i have done integration with okta for saml sso
check it it might be helpful for you,.
07-01-2019 09:23 PM - edited 07-01-2019 09:24 PM
Okta MFA for Cisco VPN is what I found at the vendor site. And, it has Okta MFA for Cisco VPN Integration Guide
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide