[c-nsp] ASA VPN with Local CA on the ASA

Ian Henderson ianh at ianh.net.au
Wed Aug 17 17:14:57 EDT 2011


On 18/08/2011, at 2:54 AM, Jay Nakamura wrote:

> information they store.  But don't have the budget nor resources to
> keep up the current RSA SecureID server which is a bit overkill for
> them.  They thought certificate based auth will be not as good as
> SecureID but better than just user/pass.

There are one-time-password solutions other than SecureID. Check out yubico.com - simple, open source software, cheap hardware ($25USD per user), install your own AES keys (avoids the recent SecureID hack).


More information about the cisco-nsp mailing list