01-07-2015 10:19 AM
We're considering purchasing a Cisco ASA 5515-X Firewall Edition - security appliance, but I don't seem to be able to find anywhere in the docs if smartcard authentication is possible with this device. The only thing I did explicitly find is that CLI won't allow smartcard authentication.
Any insight?
01-07-2015 11:54 AM
There are several means by which a Smartcard infrastructure can be integrated with an ASA. The primary and most common one I see is when the Smartcards are used in conjunction with your Active Directory infrastructure and the ASA authentication method includes your AD server(s).
The other method is whereby the Smartcard is a repository for the user certificate and the ASA is setup to use certificate-based authentication. There a somewhat dated (but mostly valid conceptually) guide on doing that here:
http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/107237-CAC-Anyconnect.html
01-07-2015 12:03 PM
Thank you so much for your answer.
I took a look at the document. Does that also apply to the Cisco ASA 5515-X Firewall Edition?
It seems all documents always refer to ASA 5500 series, and I just want to make sure there isn't a special caveat with the 5515
01-07-2015 12:07 PM
You're welcome.
There's no special caveat with that bundle.
You would (as with any ASA used in this context) need to have the free 3DES-AES license activated if you're using SSL VPN.
Please rate helpful answers and mark your question as answered if it has been.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide