collapse

Search


User Info

 
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

Author Topic: ACS 5.4 OTP on behalf of techuser123  (Read 2595 times)

Offline Administrator

  • Administrator
  • Cisco King
  • *****
  • Posts: 44
  • Reputation: 1000
    • View Profile
  • Certification: N/A
ACS 5.4 OTP on behalf of techuser123
« on: August 07, 2014, 04:55:56 PM »
I need your help to configure OTP using RADIUS Identity Servers, but I can't find any documentation related to it, this will be SMS server

Offline MC

  • Global Moderator
  • Cisco Guru
  • *****
  • Posts: 379
  • Reputation: 606
  • CCIE x3 (RS,Sec,SP)
    • View Profile
  • Certification: CCIE
Re: ACS 5.4 OTP on behalf of techuser123
« Reply #1 on: August 07, 2014, 11:08:15 PM »
I am not familiar with how SMS server operates for OTP. Can you elaborate on how it works and what you are trying to accomplish as far as user experience?

Offline techuser123

  • Cisco Newbie
  • *
  • Posts: 1
  • Reputation: 0
    • View Profile
  • Certification: CCNP
Re: ACS 5.4 OTP on behalf of techuser123
« Reply #2 on: August 08, 2014, 09:35:33 AM »
what i am trying to configure is Two factor authentication, the users connected to the remote access VPN will have to enter the username and password configured locally on the ACS and after that they will be challenged to enter another password which will be sent by SMS server to their Mobile phone.

this is some how like the integration with the RSA server, but in this scenario we will use the SMS server to send the code, I couldn't find any documentation related to that.I am not sure if someone else tried to configure such a scenario.

thanks,

Offline MC

  • Global Moderator
  • Cisco Guru
  • *****
  • Posts: 379
  • Reputation: 606
  • CCIE x3 (RS,Sec,SP)
    • View Profile
  • Certification: CCIE
Re: ACS 5.4 OTP on behalf of techuser123
« Reply #3 on: August 09, 2014, 05:33:45 PM »
My guess would be to get that second password prompt for the OTP, ACS has to closely integrate to the OTP server similarly to RSA since ACS has to somehow inform the SMS server to send out an OTP to user upon a successfully authentication. If there a way for user to request a password from the SMS server beforehand, similarly to how you can generate an OTP from a security token? Can the SMS alone act as a RADIUS server? Are you using AnyConnect VPN or something else?
Where I am getting to is, AnyConnect allows you to configure a double authentication to two separate RADIUS servers if that would work for you.

 

Related Topics

  Subject / Started by Replies Last post
3 Replies
2483 Views
Last post November 01, 2013, 10:50:34 PM
by adecisco
0 Replies
1646 Views
Last post December 14, 2013, 09:08:00 AM
by Administrator
4 Replies
3102 Views
Last post February 14, 2014, 09:28:23 PM
by jpeters092
1 Replies
1953 Views
Last post March 07, 2014, 12:19:23 PM
by MC
5 Replies
2772 Views
Last post May 28, 2014, 11:16:26 PM
by MC

SimplePortal 2.3.5 © 2008-2012, SimplePortal