Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1991
Views
5
Helpful
7
Replies

Cisco AnyConnect Dual Authentication Setup

Go to solution
IT-LDI
Level 1
Level 1

‎12-08-2021 12:28 PM - edited ‎12-08-2021 01:24 PM

We are currently using Cisco AnyConnect 4.x to access remotely. We are also running Cisco Firepower, and have Active Directory running.

 

I will start with my first question on this.

 

  1. Do I need to purchase another certificate for the 2nd authentication?

 

I did find this information from Cisco and hoping that this would be one way to do the dual authentication.

ASA AnyConnect Double Authentication with Certificate Validation, Mapping, and Pre-Fill Configuration Guide - Cisco

 

Thank you,

Labels:
2 Accepted Solutions

Accepted Solutions

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to IT-LDI

‎12-08-2021 07:37 PM

yes it is possible, choose the 2 facto authentication method, like any token-based, or google authenticator or Azure (based on the requirement).

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

0 Helpful
7 Replies 7

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎12-08-2021 02:45 PM

Are you looking Multi-Factor Authentication? what is the Version of FTD you running?

 

https://www.cisco.com/c/en/us/td/docs/security/firepower/640/relnotes/firepower-release-notes-640/features.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
IT-LDI
Level 1
Level 1
In response to balaji.bandi

‎12-08-2021 04:17 PM - edited ‎12-08-2021 04:28 PM

Yes I am looking at multifactor authentication for Cisco AnyConnect login. We are running Firepower 6.4.0.4 build 34. I see that the link shows that it can be done. 

 

It looks like maybe it can be done from the link you provided

 

1.JPG

 

Here's what we're running

2.JPG

 

Thank you

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to IT-LDI

‎12-08-2021 07:37 PM

yes it is possible, choose the 2 facto authentication method, like any token-based, or google authenticator or Azure (based on the requirement).

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
IT-LDI
Level 1
Level 1
In response to balaji.bandi

‎12-09-2021 02:15 AM

It it possible with my version of FMC Firepower Management Console or must I upgrade it to have the Firepower Threat Defence? Is this just purchasing another Cisco License or do the ASA's need to be upgraded too?

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to IT-LDI

‎12-09-2021 02:51 AM

For 2 Facto authentication - i do not believe you need extra License, you need to integrate with 2nd factory authentication with the vendor you choose.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
IT-LDI
Level 1
Level 1

‎12-09-2021 03:37 AM

So it cannot be done directly through the FMC and a 3rd party application needs to be used. Is it because we are runniing the FMC and not FTD? I thought the link you provided showed that it was possible.

0 Helpful
Top