10-25-2019 02:15 AM - edited 02-21-2020 09:47 PM
hi there,
From what I've gathered online, it's not possible to perform authentication solely with ISE using a validation of username/password credentials against AD, along with a RSA token pin in a single authentication session.
Is this true?
My use case is authenticating users via anyconnect SSL VPN where a user will need to enter their AD credentials along with an RSA 2fa code from a software or hardware token in order to successfully authenticate and establish a vpn session.
I understand this is possible via other methods, e.g. using double authentication with ASA, but my client wanted only to use ISE and it seems weird that it couldn't do something such as this.
any insight is much appreciated
cheers!