Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Two Factor Authentication for UC servers

Has anyone setup any form of two factor authentication for logging into UC servers (Callmanager/Unity) for administrators using RSA SecurID's or another form of authentication?  We currently use our LDAP account or setup a Application User account but our Security group would like to add another layer of authentication.  Any suggestions?

  • Unified Communications Applications
Everyone's tags (2)
7 REPLIES
Silver

Two Factor Authentication for UC servers

Hello gzulko,

For the Web administration page you could have an initial proxy url for initial authentication (CISCO or  3rd party), then once you reach the CUC page you can use your LDAP credentials.

Regards,

+david+

New Member

Two Factor Authentication for UC servers

What is stopping the admin user from just putting in the the IP/URL of the UC server and bypassing the proxy?

Silver

Two Factor Authentication for UC servers

Hi gzulko,

Nothing, thats why the URL redirecting should always occur to the proxy first in order to provide the credentials for your first layer of authentication.

Regards,

+david+

New Member

Two Factor Authentication for UC servers

Thanks for your help David.  This is not my area of expertise, so if I put in the UC servers IP/URL the proxy server will intercept the request and block it from reaching the UC server?  Our Security group wants two factor enforced so I cannot bypass the second method of authentication.

Gary

New Member

Gary,

Gary,

Were you able to setup the two factor authentication for your servers?

New Member

No, we never did.

No, we never did.

New Member

Okay, Thanks.

Okay, Thanks.

459
Views
0
Helpful
7
Replies
This widget could not be displayed.