Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
608
Views
5
Helpful
1
Replies

Machine auth with aaa and secondary auth

Stuart-ITGL
Level 1
Level 1

‎09-05-2019 08:23 AM

Does anyone know if it is possible to set up an Anyconnect tunnel such that it uses Machine Authentication (from a cert) as well as querying a RADIUS server for the primary authentication with RSA SecurID used a the Secondary method?

 

Essentially want to tie down connections to domain registered devices in addition to the use of AAA and 2FA

 

TIA

Labels:
0 Helpful
1 Reply 1

Rob Ingram
VIP
VIP

‎09-05-2019 08:29 AM

Hi,
Yes this is possible. You can configure double authentication (aaa and certificate). The client certificate will be authenticated against the certificate on the ASA. It will also send another authentication request to the RADIUS server.

HTH
Customers Also Viewed These Support Documents