01-28-2008 03:19 AM - edited 02-21-2020 03:30 PM
Hi, I have implemented RSA secure ID with our remote access setup and I cannot get the VPN client to prompt for next tokencode. It always prompts for username/password so the user doesnt know they are in next token mode. We are using vpn client 4.8/pix 7.2 (3)/Cisco secure ACS ver4.0/RSA Auth manager 6.1. Can anyone offer any advice ?
Many thanks
Nicky
01-28-2008 08:36 AM
I have the same setup and it works fine for
me. I use ACS version 3.2 on Win2k3 and
RSA 6.1 on Linux. I configure the ACS for
External user authentication for remote access
VPN and also for managing cisco devices.
Users connect to the Cisco Pix 8.0(2) and
the authentication is checked by the ACS.
ACS then proxies off that authentication to
a RSA SecurID Server. next token code does work
here is an sample:
Username: test3
Password:
Enter your new PIN, containing 4 to 8 digits,
or
Please re-enter new PIN:
Wait for the code on your card to change, then log in with the new PIN
Enter PASSCODE:
C2960#
CCIE Security
01-29-2008 12:23 AM
Hi thanks for your reply and your example. When I telnet to my pix I dont get the new pin prompt, the VPN client 4.8 does though which is weird ? What version of vpn client are you using ?
thanks
Nicky
01-29-2008 02:54 AM
I use vpn client version 4.8
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide