collapse

Search


User Info

 
 
Welcome, Guest. Please login or register.
Did you miss your activation email?
« previous next »
Pages: [1]

Author Topic: ACS 5.4 OTP on behalf of techuser123  (Read 45484 times)

Offline Administrator

  • Administrator
  • Cisco King
  • *****
  • Posts: 61
  • Reputation: 1000
  • Certification: N/A
ACS 5.4 OTP on behalf of techuser123
« on: August 07, 2014, 04:55:56 PM »
I need your help to configure OTP using RADIUS Identity Servers, but I can't find any documentation related to it, this will be SMS server
Logged

Offline MC

  • Global Moderator
  • Cisco Guru
  • *****
  • Posts: 401
  • Reputation: 606
  • CCIE x3 (RS,Sec,SP)
  • Certification: CCIE
Re: ACS 5.4 OTP on behalf of techuser123
« Reply #1 on: August 07, 2014, 11:08:15 PM »
I am not familiar with how SMS server operates for OTP. Can you elaborate on how it works and what you are trying to accomplish as far as user experience?
Logged

Offline techuser123

  • Cisco Newbie
  • *
  • Posts: 1
  • Reputation: 0
  • Certification: CCNP
Re: ACS 5.4 OTP on behalf of techuser123
« Reply #2 on: August 08, 2014, 09:35:33 AM »
what i am trying to configure is Two factor authentication, the users connected to the remote access VPN will have to enter the username and password configured locally on the ACS and after that they will be challenged to enter another password which will be sent by SMS server to their Mobile phone.

this is some how like the integration with the RSA server, but in this scenario we will use the SMS server to send the code, I couldn't find any documentation related to that.I am not sure if someone else tried to configure such a scenario.

thanks,
Logged

Offline MC

  • Global Moderator
  • Cisco Guru
  • *****
  • Posts: 401
  • Reputation: 606
  • CCIE x3 (RS,Sec,SP)
  • Certification: CCIE
Re: ACS 5.4 OTP on behalf of techuser123
« Reply #3 on: August 09, 2014, 05:33:45 PM »
My guess would be to get that second password prompt for the OTP, ACS has to closely integrate to the OTP server similarly to RSA since ACS has to somehow inform the SMS server to send out an OTP to user upon a successfully authentication. If there a way for user to request a password from the SMS server beforehand, similarly to how you can generate an OTP from a security token? Can the SMS alone act as a RADIUS server? Are you using AnyConnect VPN or something else?
Where I am getting to is, AnyConnect allows you to configure a double authentication to two separate RADIUS servers if that would work for you.
Logged
Pages: [1]
« previous next »
 

Related Topics

  Subject / Started by Replies Last post
3 Replies
28710 Views 		Last post November 01, 2013, 10:50:34 PM
by adecisco
5 Replies
30698 Views 		Last post May 28, 2014, 11:16:26 PM
by MC
1 Replies
45670 Views 		Last post March 31, 2021, 11:04:00 PM
by Administrator
3 Replies
49552 Views 		Last post February 05, 2022, 10:03:33 PM
by MC
1 Replies
76183 Views 		Last post February 06, 2024, 07:51:48 PM
by MC

SimplePortal 2.3.7 © 2008-2024, SimplePortal