06-02-2011 01:54 AM - edited 03-11-2019 01:41 PM
My customer was thinking to introduce a 2FA mechanism, to restrict access to ASA CLI. So he was suggesting to use RSA token. Is this possible?
06-02-2011 09:32 AM
Hi Srinivasan,
To do this, you'll need to setup a AAA server group with a protocol of 'sdi'. Here are the guides that explains how to do this:
RSA/SDI Server Support:http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/access_aaa.html#wp1053066
Identifying AAA Server Groups and Servers:http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/access_aaa.html#wp1039757
Configuring Authentication for CLI and ASDM Access:http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/access_management.html#wp1060011
Hope that helps.
-Mike
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
