08-13-2009 05:38 AM - edited 02-21-2020 03:37 AM
In the past I am having problem to get the next token mode working on ASA 8.0.3. We have users are using SSL vpn and authenticate via RSA server. If users type in the token incorrectly, it should prompt for waiting the next token mode. Have not upgrade my ASA to 8.0.4 yet but would like to know if ASA 8.0.4 does support next token mode.
Thank you
08-14-2009 03:52 AM
Thanh
We are running 8.0.4 and users do get prompted for next token mode.
HTH
Rick
08-14-2009 04:51 AM
Richard,
Thank you for the reply. I just tested yesterday on 8.0.4 code and still not getting the next token mode. I am not sure what did I do wrong. I am not the admin of the RSA box but on the ASA I have the group of webvpn pointing to RSA with SDI protocol for authentication and still no good. Can you share your point. I appreciated.
08-14-2009 05:15 AM
Thanh
We are using a mix of the traditional IPSec client and the new AnyConnect client on our ASA. I have authentication configured to communicate with the RSA server specifying SDI protocol. And our users do get the next token mode prompt.
HTH
Rick
08-14-2009 06:11 AM
Rick,
Unfortunately the group of this users are using clientless and it would be nice to get the next token mode working. This was testing on the 5505 box. Interesting, I just tested the IPsec client version 5.0.03 with RSA authentication on the main ASA 8.0.3 code and no next token mode so tonight the main ASA is going to be upgraded to 8.0.4 code and I can test with the ipsec client. As for clientless, I just have to dig some more.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: