Solved

Cisco ASA 5550 VPN AnyConnect 2-factor authentication

Posted on 2013-12-03
2
3,390 Views
Last Modified: 2013-12-04
Dear experts,

I try to figure out how to exactly configure a secure two factor authentication with an AAA server (RADIUS) and certificate on Cisco ASA 5550 AnyConnect VPN.
AAA server authentication works fine but it is as solely factor not enough.
Therefore I  tried to configure user specific certificates as second factor (because the key length is long enough against brute-forcing it) and delivered the users certificate as download on the ASA enrollment site after the users enter username and one time password.

Both together won't works.
Is there any forgotten setting to configure / change? Any suggestion would be great!

Thanks in advance!
D. Andris
0
Comment
Question by:mpiib
2 Comments
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 39694586
This how to guide for start. May want to share specific error from asa or anyconnect client in event viewer etc
http://m.networkworld.com/community/blog/how-guide-cisco-asa-sslvpn-using-certificates
0
 

Author Closing Comment

by:mpiib
ID: 39695460
Works for me after some action. Thanks a lot.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Healthcare providers, insurance companies and other covered entities trust eFax Corporate to transmit their most sensitive documents. eFax Corporate can help your organization implement a HIPAA compliant cloud faxing solution.
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now