I am needing help or direction to a document whcih can assist me solving the below issue:
1). Authentication to IAS with OTP.
2). AV Pairs for Cisco ASA.
In brief I have Radius via IAS, authentication working with the standard username and password from AD.
When I implement the OTP feature I receive the error username or password not valid as per the below:
Event Type: Warning
Event Source: IAS
Event Category: None
Event ID: 2
Time: 2:08:13 PM
User erezsh was denied access.
Fully-Qualified-User-Name = NTS-QA\erezsh
NAS-IP-Address = 10.20.2.249
NAS-Identifier = <not present>
Called-Station-Identifier = <not present>
Calling-Station-Identifier = <not present>
Client-Friendly-Name = Cisco-ASA
Client-IP-Address = 10.20.2.249
NAS-Port-Type = Virtual
NAS-Port = 40
Proxy-Policy-Name = General
Authentication-Provider = Windows
Authentication-Server = <undetermined>
Policy-Name = <undetermined>
Authentication-Type = PAP
EAP-Type = <undetermined>
Reason-Code = 16
Reason = Authentication was not successful because an unknown user name or incorrect password was used.
The OTP feature uses a xml plugin whcih appears straightforward, but I feel is causing me the issue:
The question in relation to the above is is there an av attribute for the ASA for pap credentials (Password).
Any help or direction would be appreciated.
Thanks in Advance.