01-29-2010 07:14 AM
Hi!
I have some questions regarding the webvpnportal.
Fredrik
05-11-2010 12:04 PM
Hi Fredrik,
I wonder if you could help me to set up ASA for OTP authentication. How do you get to insert the OTP after SSL VPN authentication with user AD credentials? I can't figure out how to configure this part on ASA. Do you use Portal customization, or is it a sort of redirection to another page where you can insert the OTP?
Thanks in advance,
Remi
05-12-2010 12:29 AM
Hi!
We've used a RADIUS-server from Mideye that sends OTP via SMS to our users.
The setup is something like this:
Cisco ASA <-> Mideye RADIUS <-> Active Directory
1. Installed Mideye and configured it to "relay" authentication-requests to Active Directory.
Mideye will also read some attributes from the user-objects, such as mobile-phone-number.
2. Configured the Cisco ASA to use the Mideye-server for authentication (using RADIUS).
3. Done
The user enters their credentials on either the portal-page or in AnyConnect.
The credentials are sent to Mideye, which tries to authenticate the user against Active Directory.
If the authentication is successful, the Mideye reads the user's mobile-phone-number and sends an SMS with the OTP.
The Mideye server then probably sends some indication to the Cisco ASA that an OTP is expected from the user.
The user is presented with an OTP-field and enters the information from the received SMS.
The OTP-information is verified with the Mideye server; if correct, the user is logged in.
If you would like more information, email me.
Best regards,
Fredrik
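The two-round login described in the post above, modelled as an added example (not code from the thread, Mideye or Cisco). It assumes the "indication" is a standard RADIUS Access-Challenge carrying a State attribute (RFC 2865); the class and function names, the sample directory and the OTP lifetime are constructed for illustration.

```python
import hmac, secrets, time

# Constructed sample directory standing in for Active Directory (assumption).
DIRECTORY = {"remi": {"password": "Winter2010!", "mobile": "+46700000000"}}
OTP_TTL = 120  # seconds an SMS code stays valid (assumed value)

def _same(a, b):  # constant-time comparison of two strings
    return hmac.compare_digest(a.encode(), b.encode())

class OtpRadiusServer:
    """Toy model of the RADIUS server's role in the flow (hypothetical, not Mideye's code)."""
    def __init__(self, send_sms, clock=time.time):
        self.send_sms, self.clock = send_sms, clock
        self.pending = {}  # State attribute -> (user, otp, expiry)

    def access_request(self, user, password, state=None):
        if state is None:  # round 1: directory credentials
            entry = DIRECTORY.get(user)
            if not entry or not _same(entry["password"], password):
                return {"code": "Access-Reject"}
            otp = f"{secrets.randbelow(10**6):06d}"
            state = secrets.token_hex(16)
            self.pending[state] = (user, otp, self.clock() + OTP_TTL)
            self.send_sms(entry["mobile"], otp)
            return {"code": "Access-Challenge", "State": state,
                    "Reply-Message": "Enter the code sent by SMS"}
        pend = self.pending.pop(state, None)  # round 2: State is single use
        if pend is None:
            return {"code": "Access-Reject"}
        p_user, otp, expiry = pend
        ok = (p_user == user and self.clock() <= expiry
              and _same(otp, password))  # password field now carries the OTP
        return {"code": "Access-Accept" if ok else "Access-Reject"}

def login(server, user, password, read_otp):
    """NAS (ASA) side: forward credentials, prompt on challenge, resend with State."""
    reply = server.access_request(user, password)
    if reply["code"] == "Access-Challenge":
        otp = read_otp(reply["Reply-Message"])  # the extra OTP field shown to the user
        reply = server.access_request(user, otp, state=reply["State"])
    return reply["code"]

def demo():
    inbox = []  # constructed SMS sink standing in for the user's phone
    srv = OtpRadiusServer(lambda number, otp: inbox.append(otp))
    good = login(srv, "remi", "Winter2010!", lambda prompt: inbox[-1])
    wrong = login(srv, "remi", "Winter2010!", lambda prompt: "000000x")
    return good, wrong

if __name__ == "__main__":
    print(demo())
```

Because the pending entry is removed on the first second-round attempt, a wrong or replayed code forces a fresh first round and a new SMS.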