Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

WebVPN user authentication with more than 1 server at the same time

Hi all,

Does anyone know if ASA support more than 1 authentication server at the same time? I want to authenticate WebVPN users by LDAP and RSA SecurID. I mean WebVPN users have to enter the LDAP username, password and SecurID tokencode when login.

Please advice.

Thanks for advance,

Nitass

2 REPLIES
Silver

Re: WebVPN user authentication with more than 1 server at the sa

I have not heard such authentication mechanisms, at the same level of authentication. May be it is possible to use two different authentication servers for two different levels, that is, first get authenticated by LDAP server and then again get authenticated with SecurIP Token. Has anyone implemented this two level authentication?

New Member

Re: WebVPN user authentication with more than 1 server at the sa

Yes this is working

but you need to have the same user database in the RSA appliance and Ldap server

the passwork will be only checked in the primary auth server

anyway the ldap config is tricky if you want to use groups too, you need to map some Ldap attribute in the Asa, there's a doc somewhere in the Cisco tech support to do that.

good luck

Johann

355
Views
0
Helpful
2
Replies
CreatePlease login to create content