03-26-2011 11:58 AM
Hi,
is it posibble to create an one-time password on ASA for VPN access?
I googled a little bit and found out some solutions with one-time servers from other vendors.
I wonder if this is possible without additional hardware/software.
Solved! Go to Solution.
03-26-2011 08:47 PM
Hi,
you will have to integrate the VPN with the RSA. they will give you a one time password configuration either in form of soft token or hard token.
Apart from RSA, there is no other option i guess.
Hope this helps.
Regards,
Anisha.
P.S.: please mark this post as answered if you feel your query is resolved. Do rate helpful posts.
03-26-2011 08:47 PM
Hi,
you will have to integrate the VPN with the RSA. they will give you a one time password configuration either in form of soft token or hard token.
Apart from RSA, there is no other option i guess.
Hope this helps.
Regards,
Anisha.
P.S.: please mark this post as answered if you feel your query is resolved. Do rate helpful posts.
03-26-2011 08:54 PM
I don't know of a way to have a one use password for VPN access but you can have the password expire after 1 day. If you created a seperate tunnel group you can set this up to automatically expire.
Ex:
ASA5510(config)# tunnel-group tempusers general-attributes
ASA5510(config-tunnel-general)# passwo
ASA5510(config-tunnel-general)# password-management ?
tunnel-group-general mode commands/options:
password-expire-in-days Password expire in days
ASA5510(config-tunnel-general)# password-management pass
ASA5510(config-tunnel-general)# password-management password-expire-in-days ?
tunnel-group-general mode commands/options:
<0-180> Number of days (0-180)
It's the best solution I can think of besides using a radius server.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide