10-12-2013 02:37 AM - edited 03-11-2019 07:51 PM
Hi,
We are looking at doing a 2Factor authentication for certain server bound traffic using asa. the requirements are, asa should prompt for 2 factor authentication when admin users login to the servers ( hosted behind the firewall ) using telnet/rdp.
The difference is , users would not be using any cisco client ( vpn client ) for this. They will be directly using telnet/rdp from their client systems to login to the servers.
Is this possible?
Thanks in advance.
10-12-2013 12:29 PM
Hello,
Without any kind of client what you are looking for is cut-through proxy which is basically how to authenticate traffic that goes through the ASA.
Check this posts on my website for some options:
http://www.laguiadelnetworking.com/asa-virtual-http-and-virtual-telnet/
http://www.laguiadelnetworking.com/asa-http-redirect/
And remember to rate all of the helpful posts and susbcribe to my website
Regards,
Jcarvaja
10-15-2013 08:43 PM
Thanks , but can we do the same for rdp/usual telnet sessions via the ASA for traffic towards servers residing behind asa.
We do not want any vpn client to be installed on the user stations & want this 2fa to work.
Thanks in advance!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide