Is there a way of enforcing different auth behaviour dependant on the interface involved on the NAS?
NAS in question ASA firewall pointing AAA to ACS 5.1
The ASA has SSL VPN connections to Inside and Outside interfaces and config needs:-
- any SSL VPN connection to outside interface to trigger two factor auth through ACS
- any SSL VPN connection to inside interface to use normal auth to ACS
i.e. if user connects to inside interface only normal username/password required but if user connects to outside interface username/password+token required