Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello,
I'm currently investigating ISE and DUO integration with ASA for remote access VPN. One of the options is to have ISE proxy RADIUS requests to the DUO Auth Proxy.
I was wondering if CoA (sent by ISE to ASA) would still be functional in that ...
Hello,I've received a request from someone whose goal is to be able to set "Disable user account after X days if password was not changed" only for internal users with the password type "internal users".Customer also has other internal users with p...
Hello,Can you please also clarify if TC-NAC really has to run on a dedicated PSN with no other persona?This BU maintained page implies TC-NAC on top a RADIUS PSN is possible and provide scaling numbers for this situation:ISE admin guide however says ...
What are the rules for 3515 appliances with regards to additional power supply and additional disk?Same as for 3415 appliances (ie yes for the former and no for the latter?)
Hi RobustMeraki,For this you can go SAML and integrate Duo with Passwordless (if you have the needed requirements for Windows Hello, from hardware and licensing perspectives). Or can you use a phone one button validation (coupled with risk based auth...
Hi Gary,Cisco Employee here, from the Security side of the house. Cisco Secure client VPN module on Windows does not mandate existence of a TPM, however it will definitely support TPM if there is one for certificate based authentication. (Independent...
Thanks Paul, spot on.
Not sure why I drifted from Radius Token server to RADIUS proxy instead.
Indeed with usage of DUO Auth Proxy as a RADIUS token server, there's no concern anymore.
I'm still curious about RADIUS proxy and CoA and will test that...
