cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
133
Views
5
Helpful
1
Replies
Highlighted
Enthusiast

AireOS WLCs support for passcode to facilitate 2FA

Hello Experts,

 

We have a requirement to enable 2FA for device administration on AireOS WLCs with passcodes using the ISE & SAFENET. 

 

When I test the passcode option with Cisco switches it works fine (after success TACACS authentication, getting prompted for passcode), while this is not working on Cisco AireOS WLCs. Could find a guide for 2FA through 'PUSH-BASED' 2FA using DUO for Cisco WLC, however the requirement is to enable it through passcodes. 

https://community.cisco.com/t5/wireless-mobility-documents/cisco-wlc-2fa-with-duo-step-by-step/ta-p/3952024

 

Can this OTP challenge / passcodes be even facilitated as part of 2FA on AireOS WLCs?

Everyone's tags (3)
1 REPLY 1
Highlighted
VIP Rising star

Re: AireOS WLCs support for passcode to facilitate 2FA

this should be possible.

it is the authentication server (ISE) that handles the 2FA, not the WLC!

you al ready got this operational with the passcodes, so no new elements here!

-> review your ISE policies where they handle management acces to the switch differently than to the WLC.

maybe it is just as simple as adding WLC to the group devices used for the 2FA policy and reviewing the order of the policies.

 

CreatePlease to create content
Content for Community-Ad

Cisco COVID-19 Survey