I know this has been asked in a few different ways but I need to clarify the user experience under the following configuration
My ASA uses ACS4.2 as a radius server and it also provides downloaded ACLs depending on the users group within LDAP
Our Security department would like to implement two factor using RSA. The desired result would be to maintain the functionality of ACS and the Downloadable ACLs but use RSA secureID as another authentication source.
What I am unclear of is what the user experience would be. If I was to setup Secureid / RSA server as an external Database within ACS and ASA using ACS as the Radius server. When the client views the anyconnect window will they put LDAP username and password in click connect and then wait for some other challenge?
They would only get the RSA prompt for token, on ACS 4.2 you can use RSA with an LDAP group mapping to achieve RSA authentication but still pass the desired DAL based on their LDAP mapping. The username in RSA would have to be the same as the username in LDAP for this to work.
Hi All, A customer wants to authenticate Anyconnect VPN users from an ASA using the client installed certificate and then with AD. i.e. Is this a corporate device?Would we recommend authenticating the cert on the ASA then passing the AD check to ISE ...
Hello Team, we are getting alert in FMC stating policy deployment failed, we are running on 6.2.0 version and not sure which version is stable version to re mediate this issue, in one event i have seen restart will resolve this issue but is it perman...
Threat Hunting 101
In the latest Cisco Cybersecurity report, we explore all there is to know about threat hunting and provide a how-to guide for creating a threat hunting team.
Here are some of th...
What Is Cisco Identity Services Engine?
Cisco Identity Services Engine (ISE) is an all-in-one enterprise policy control product that enables comprehensive secure wired, wireless, and Virtual Private Networking (VPN) access.
Cisco ISE offers...
To participate in this event, please use the button to ask your questions
(This event was formerly know as Ask the Expert event)
This topic is a chance to discuss more about the best configuration and troubleshooting pr...