AnyConnect Auth AD + OTP + Machine Cert

stanislav.pilat
Level 1

Hi Guys,

 

I got a request from my customer:

He is using AnyConnect authentication AD + OTP (FreeRADIUS) and now he wants to add authentication with a machine certificate, so only corporate computers are allowed to connect to the VPN, and migrate it completely to ISE.

 

My proposal is using ASA's double authentication feature:

- first authentication = machine cert

- second authentication AD + OTP with was machine authenticated rule on ISE.

 

It is my first thought and I'm gonna build a lab for this, but just want to know if it isn't totally out :) 

 

Thank you!

 

SP.
