Solved

Cisco ASA 5550 VPN AnyConnect 2-factor authentication

Posted on 2013-12-03
2
3,496 Views
Last Modified: 2013-12-04
Dear experts,

I try to figure out how to exactly configure a secure two factor authentication with an AAA server (RADIUS) and certificate on Cisco ASA 5550 AnyConnect VPN.
AAA server authentication works fine but it is as solely factor not enough.
Therefore I  tried to configure user specific certificates as second factor (because the key length is long enough against brute-forcing it) and delivered the users certificate as download on the ASA enrollment site after the users enter username and one time password.

Both together won't works.
Is there any forgotten setting to configure / change? Any suggestion would be great!

Thanks in advance!
D. Andris
0
Comment
Question by:mpiib
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 39694586
This how to guide for start. May want to share specific error from asa or anyconnect client in event viewer etc
http://m.networkworld.com/community/blog/how-guide-cisco-asa-sslvpn-using-certificates
0
 

Author Closing Comment

by:mpiib
ID: 39695460
Works for me after some action. Thanks a lot.
0

Featured Post

Defend Your Organization from The Greatest Threats

Looking to fill the gaps in your security? Bring together information from the network, endpoint and threat intelligence feeds to really see what's happening in your organization. Join the WatchGuardians in their adventures fighting cyber crime!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question