Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Multi-factor VPN authentication on ASA

Can the ASA be configured to leverage XAuth against both SDI (RSA token) and Windows AD? It seems we can configure only one or the other but not both. For example, if we configure authentication using SDI, the VPN client only prompts for a username and passcode. Is there a way to implement so that we are prompted for a username, passcode (RSA) and password (Windows AD via RADIUS)?

1 REPLY

Re: Multi-factor VPN authentication on ASA

Cheers,

The reason why the asa authenticates to SDI or AD and not both has to do with the fact that you need to have your AD integrated with your Token server, ASA will prompt for username and password and the AD server will instruct the ASA to request token only if this AD has the correct integration with SDI, check google for this features with AD and SDI.

515
Views
0
Helpful
1
Replies
CreatePlease to create content