collapse

Search


User Info

 
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

Author Topic: ACS 5.4 OTP on behalf of techuser123  (Read 47158 times)

Offline Administrator

  • Administrator
  • Cisco King
  • *****
  • Posts: 61
  • Reputation: 1000
  • Certification: N/A
ACS 5.4 OTP on behalf of techuser123
« on: August 07, 2014, 04:55:56 PM »
I need your help to configure OTP using RADIUS Identity Servers, but I can't find any documentation related to it, this will be SMS server

Offline MC

  • Global Moderator
  • Cisco Guru
  • *****
  • Posts: 401
  • Reputation: 606
  • CCIE x3 (RS,Sec,SP)
  • Certification: CCIE
Re: ACS 5.4 OTP on behalf of techuser123
« Reply #1 on: August 07, 2014, 11:08:15 PM »
I am not familiar with how SMS server operates for OTP. Can you elaborate on how it works and what you are trying to accomplish as far as user experience?

Offline techuser123

  • Cisco Newbie
  • *
  • Posts: 1
  • Reputation: 0
  • Certification: CCNP
Re: ACS 5.4 OTP on behalf of techuser123
« Reply #2 on: August 08, 2014, 09:35:33 AM »
what i am trying to configure is Two factor authentication, the users connected to the remote access VPN will have to enter the username and password configured locally on the ACS and after that they will be challenged to enter another password which will be sent by SMS server to their Mobile phone.

this is some how like the integration with the RSA server, but in this scenario we will use the SMS server to send the code, I couldn't find any documentation related to that.I am not sure if someone else tried to configure such a scenario.

thanks,

Offline MC

  • Global Moderator
  • Cisco Guru
  • *****
  • Posts: 401
  • Reputation: 606
  • CCIE x3 (RS,Sec,SP)
  • Certification: CCIE
Re: ACS 5.4 OTP on behalf of techuser123
« Reply #3 on: August 09, 2014, 05:33:45 PM »
My guess would be to get that second password prompt for the OTP, ACS has to closely integrate to the OTP server similarly to RSA since ACS has to somehow inform the SMS server to send out an OTP to user upon a successfully authentication. If there a way for user to request a password from the SMS server beforehand, similarly to how you can generate an OTP from a security token? Can the SMS alone act as a RADIUS server? Are you using AnyConnect VPN or something else?
Where I am getting to is, AnyConnect allows you to configure a double authentication to two separate RADIUS servers if that would work for you.

 

Related Topics

  Subject / Started by Replies Last post
3 Replies
29467 Views
Last post November 01, 2013, 10:50:34 PM
by adecisco
5 Replies
32010 Views
Last post May 28, 2014, 11:16:26 PM
by MC
1 Replies
46672 Views
Last post March 31, 2021, 11:04:00 PM
by Administrator
3 Replies
51070 Views
Last post February 05, 2022, 10:03:33 PM
by MC
1 Replies
77208 Views
Last post February 06, 2024, 07:51:48 PM
by MC

SimplePortal 2.3.7 © 2008-2024, SimplePortal