[c-nsp] Router 2 factor authentication

Dominik Bay d.bay at rrbone-bb.net
Thu Aug 26 07:39:38 EDT 2010


Hi Mark,

On Thu, 26 Aug 2010 01:45:17 -0700 (PDT)
Mark Tech <techconfig at yahoo.com> wrote:

> Hi Dominik
> Your solution sounds like what I'm looking for. Are you using RADIUS
> or TACACS as your AAA?
> 
> With regard to the cli that you will see from the router, do you just
> enter username and passwd+PIN

we are using Cisco ACS with RSA ACE integration for these devices.
You will get a standard prompt like:

TACACS+ Username: myuser
Password: <token-pin>+<token-one-time-password>

The login is fast, and from what I hear the ACS+ACE setup is stable
enough to not being punished by your server operations team for
choosing this solution. :-)

Kind regards,
Dominik


More information about the cisco-nsp mailing list