Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Help :Two-Factor Authentication in ACS 5.4

Dear All,

We are presenting ACS POC in one of our client.

we did authentication using TACACS+ in the AD user with different previllages and working fine.

And also we implemented RSA secure ID authentication, and its is working fine.

our customer need two-factor authentication using RSA secureID password and AD username password (using TACACS+).

can any one help me how to implement this scenario?

it is very urgent, please help me how to implement two factor authentication using RSA secure ID and username and password.

Thanks,

P.Ramkumar.

1 ACCEPTED SOLUTION

Accepted Solutions

Help :Two-Factor Authentication in ACS 5.4

Hi Again,

You should be able to find the information you need here:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/user/guide/users_id_stores.html#wp1123587

Helpfully under the heading:

Identity Stores with Two-Factor Authentication

Cheers

Chris

8 REPLIES

Help :Two-Factor Authentication in ACS 5.4

Hi,

What are you implementing two factor authentication on?  Is this for device management, I don;t believe TACACS supports this.

Thanks

Chris

New Member

Re: Help :Two-Factor Authentication in ACS 5.4

Hi Chris,

We are try to implement two factor authentication using RSA secure ID and TACACS+(user name and password mapped with AD).

Requirement :

when user try to login switch need user name and password (which is in their AD) and RSA secure ID for that user(in RSA they mapped that AD user ).if both the cretential are correct then only user get permission to login the switch.

If they dont support means any other way to implement this requirement?

can you (any one) please tell me or share me  the step by step procedure for implement two-factor authentication(using RSA and any) in ACS 5.4.

Because i dont have a idea to implement two-factor authentication.

Any one help me how to implement two factor authentication in ACS 5.4.

and also is their any way to see the user in mapped AD group in ACS 5.x?

Thanks,

P.Ramkumar.

Help :Two-Factor Authentication in ACS 5.4

Hi Again,

You should be able to find the information you need here:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/user/guide/users_id_stores.html#wp1123587

Helpfully under the heading:

Identity Stores with Two-Factor Authentication

Cheers

Chris

New Member

Help :Two-Factor Authentication in ACS 5.4

Dear chris,

Is it possible to restrict user access (read-only and super user) in switch using two factor authentication.?

our customer need switch login with username and password and the enable password is using in RSA.

if i want to configure the two-factor authentication means what are the combination of authenticators are possible?

what are the restrictions are in two factor authentication? (like this feature is not possible i.e switch mangement, privileges, etc...)

can i  use with RSA and username password authentication , can i configure user privillage levels for AD user?

i tried with identity sequence,it only authenticate one factor,if it is successful connection is established, is any way to authenticate if the two sequences are matched?  instead of OR we need AND.

please share any sample two-factor authentication guide for reference.

Thanks,

P.Ramkumar.

New Member

Help :Two-Factor Authentication in ACS 5.4

Dear Friends,

I have solved that problem.

i have used that divice login using the RADIUS(AD) and enable Password using theTACACS+(RSA).

And Authorize using Radius.

now it is working fine, but i could not restrict the user access(read-only and read-write). i tried many method(authorize tacacs) but result remains same.

Thanks for all your support,

P.Ramkumar.

New Member

Hi RamKumar, Could you please

Hi RamKumar,

 

Could you please post switch commands you have used to achieve this. I am planning to achieve more and less same scenario.

Thanks in advance

 

 

 

 

 

 

New Member

Hi dearCould u share the way

Hi dear

Could u share the way of two-factor?

New Member

Hello Ramkumar,

Hello Ramkumar,

I know this post is old. But could share the steps followed to achieve two factor authentication.

3339
Views
5
Helpful
8
Replies