cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1000
Views
5
Helpful
2
Replies
Highlighted
Beginner

One-time password on ASA for VPN access

Hi,

is it posibble to create an one-time password on ASA for VPN access?

I googled a little bit and found out some solutions with one-time servers from other vendors.

I wonder if this is possible without additional hardware/software.

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Cisco Employee

Hi,

you will have to integrate the VPN with the RSA. they will give you a one time password configuration either in form of soft token or hard token.

Apart from RSA, there is no other option i guess.

Hope this helps.

Regards,

Anisha.

P.S.: please mark this post as answered if you feel your query is resolved. Do rate helpful posts.

View solution in original post

2 REPLIES 2
Highlighted
Cisco Employee

Hi,

you will have to integrate the VPN with the RSA. they will give you a one time password configuration either in form of soft token or hard token.

Apart from RSA, there is no other option i guess.

Hope this helps.

Regards,

Anisha.

P.S.: please mark this post as answered if you feel your query is resolved. Do rate helpful posts.

View solution in original post

Highlighted
Beginner

I don't know of a way to have a one use password for VPN access but you can have the password expire after 1 day.  If you created a seperate tunnel group you can set this up to automatically expire.

Ex:

ASA5510(config)# tunnel-group tempusers general-attributes
ASA5510(config-tunnel-general)# passwo
ASA5510(config-tunnel-general)# password-management ?

tunnel-group-general mode commands/options:
  password-expire-in-days  Password expire in days
 
ASA5510(config-tunnel-general)# password-management pass
ASA5510(config-tunnel-general)# password-management password-expire-in-days ?

tunnel-group-general mode commands/options:
  <0-180>  Number of days (0-180)

It's the best solution I can think of besides using a radius server.