I have to set up our ACS to authenticate all administrative sessions on our telecom devices. Based on our security policies, all users need to be authenticated by a secured password and also a second component like a security token or something else.... At this point this is OK: I see the ACS can work with an external user database which can use OTP or security tokens.
My concern is about our user's management software, CiscoWorks. Because the CiscoWorks software uses its user credentials to run most management jobs on the telecom devices, its user must be able to be authenticated by the ACS. For the second authentication factor, I would like to use the source IP address of the request (I know it's a very basic security feature, but I think it's the first step.... we are not using any certificate server...). The CiscoWorks user must not be used from any IP address other than that of the CiscoWorks server... which in some parts of the network may be NATed by firewalls.... I would like to know if the source of the request is also transmitted to the ACS and how I can make sure the authentication request came from the CiscoWorks server IP address.
I use ACS SE software version 18.104.22.168-12 at this time.... because version 5 doesn't support token authentication....