You should be able to use a Dynamic Access Policy (DAP) setup to first check for the machine certificate. Then further configure the profile to check for user certificate plus the RADIUS OTP authentication.
I believe it will require Anyconnect Premium license to use DAP.
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
