Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco ACS, single-login and RSA SecurID

we need to deploy the following

1. both internet IPsec VPN and SSL VPN will run from a Cisco ASA5510

2. Users use the same credential as their office Windows AD Domain, aka single-login

3. RSA server has been installed to provide two-factor authentication. User will have a RSA SecurID token and enter token number upon login of VPN

questions:

1. do we need a Cisco ACS?

2. if ACS is optional, what is the benefit of ACS?

3. does ASA firewall talk to RSA or ACS will communicate with RSA?

I guess I need to understand all the necessary components and data flows the high level

thanks

1 REPLY
Silver

Re: Cisco ACS, single-login and RSA SecurID

1- No. You can use the radius function on the

RSA Server itself. However, the radius

function in the RSA Server is very limited,

unless, you use the RSA server appliance with

has Juniper/Steelbelt radius, then it will have

everything you need. The alternative is

to use Microsoft IAS with RSA server.

2- ACS provides much more than what you

required.

3- Firewall communicates with ACS or it can

communicate with RSA if Radius is running

on the RSA Server.

496
Views
0
Helpful
1
Replies
CreatePlease login to create content