Posted by:
admin
9 years, 11 months ago
We've spent some time in our lab with a Cisco ASA 5500 series VPN and we have posted a few of tutorials:
- How to add two-factor authentication to an ASA 5500 via RADIUS. This is the basic setup: you want two-factor authentication for your remote users on your Cisco ASA. Note as always, we recommend you put NPS or another Radius server between your VPN and WiKID. Note that this setup should work for any two-factor authentication server that supports radius. That's the benefit of using a standard protocol!
- How to configure the ASA 5500 for two-factor auth via the console. Same goal: two-factor for all your VPN users, but via the console. Much simpler really.
- How to protect the Cisco ASA Admin interface with 2FA. One problem enterprises have is shared admin passwords. Companies should really add two-factor authentication to all administrative accounts where possible. Obviously these logins should run through your directory via NPS or another radius server too.
- How to add mutual HTTPS authentication to the ASA SSL VPN. Here's a neat trick that will thwart most network-based MiTM attacks using WiKID's mutual https authentication. If you are worried about users connecting via dubious wifi networks, check this one out.
If you have general questions about how to architect your network for two-factor authentication, see our eguide.
Download the WiKID Strong Authentication Enterprise server. It is free for up to 5 users and only $24 per user per year after that!
The complete list of Cisco tutorials is here . Let us know if there is something else you'd like to see!
Share on Twitter Share on FacebookRecent Posts
- Blast-RADIUS attack
- The latest WiKID version includes an SBOM
- WiKID 6 is released!
- Log4j CVE-2021-44228
- Questions about 2FA for AD admins
Archive
2024
2022
- December (1)
2021
2019
2018
2017
2016
2015
2014
- December (2)
- November (3)
- October (3)
- September (5)
- August (4)
- July (5)
- June (5)
- May (2)
- April (2)
- March (2)
- February (3)
- January (1)
2013
2012
- December (1)
- November (1)
- October (5)
- September (1)
- August (1)
- June (2)
- May (2)
- April (1)
- March (2)
- February (3)
- January (1)
2011
2010
- December (2)
- November (3)
- October (3)
- September (4)
- August (1)
- July (1)
- June (3)
- May (3)
- April (1)
- March (1)
- February (6)
- January (3)
2009
- December (4)
- November (1)
- October (3)
- September (3)
- August (2)
- July (5)
- June (6)
- May (8)
- April (7)
- March (6)
- February (4)
- January (427)
2008
- December (1)
Categories
- PCI-DSS (2)
- Two-factor authentication (3)
Tags
- wireless-cellular-mobile-devices (7)
- Two-factor authentication (10)
- Wireless, cellular, mobile devices (6)
- NPS (1)
- Phishing and Fraud (111)
- Active Directory (1)
- pam-radius (3)
- privileged access (2)
- Cloud Security (10)
- Mutual Authentication (60)
- Web Application Authentication (1)
- Authentication Attacks (99)
- pci (50)
- Security and Economics (97)
- WiKID (133)
- pam (2)
- VPN (1)
- Installation (2)
- RADIUS Server (1)
- Open Source (64)
- Tutorial (2)
- Strong Authentication (35)
- Information Security (137)
- Transaction Authentication (13)
- Miscellaneous (100)
- Linux (2)
- transaction-authentication (6)
- Two Factor Authentication (254)