Hello everybody,
I have a customer who wants to implement an anyconnect VPN with 2FA through OKTA. He has an ASA, ISE and they want to include the okta server in this deployment, but I don't know exactly what are the requirements and what are the connections we have to do. I was thinking about a connection between ASA - ISE - OKTA - AD, but I'm not pretty sure if this is correct. I have read this document https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/BYOD_Design_Guide/BYOD_Remote_Device_Access.pdf but it shows the connection with RSA and it not shows a completely configuration and deployment. I've been searching on the web but only found ISE+OKTA for wireless authentication, or ASA - ISE -DUO - AD, but I think DUO uses a different way for connection and communication. I was wondering if you guys can help me with information about this topic or if you know how to implement this.
Thank you so much in advance.
