- Original Message
From: Dominik Bay d@rrbone-bb.net
To: cisco-nsp@puck.nether.net
Sent: Thu, August 26, 2010 6:28:22 AM
Subject: Re: [c-nsp] Router 2 factor authentication
On Thu, 26 Aug 2010 10:42:28 +1000
Ben Steele b...@bensteele.org wrote:
Out of curiosity can you tell me what led
Hi Mark,
On Thu, 26 Aug 2010 01:45:17 -0700 (PDT)
Mark Tech techcon...@yahoo.com wrote:
Hi Dominik
Your solution sounds like what I'm looking for. Are you using RADIUS
or TACACS as your AAA?
With regard to the cli that you will see from the router, do you just
enter username and
we are using Cisco ACS with RSA ACE integration for these devices.
You will get a standard prompt like:
TACACS+ Username: myuser
Password: token-pin+token-one-time-password
The login is fast, and from what I hear the ACS+ACE setup is stable
enough to not being punished by your server
The problem, IMHO, with SecurID for management access of network
devices, is that you have to wait 1 minute to logon to another
device. So it's ok for provisioning tasks, but when you have a
problem and you need to login instantly to 4-5 devices, it's
rather unpleasant to wait 1 minute
Hi
I am looking for a 2FA solution in order to connect to Cisco devices. I would
like to use either Radius or TACACS as the AAA part, however I'd like to know
whether/how I could interconnect this to a 2nd auth such as a token based RSA
securID platform
I'd appreciate any input if this is
How about users appending the token digits to the password? Of course this
would mean your storing plain text passwords on the tacacs server
somewhere..
On 25 August 2010 21:06, Mark Tech techcon...@yahoo.com wrote:
Hi
I am looking for a 2FA solution in order to connect to Cisco devices. I
I am looking for a 2FA solution in order to connect to Cisco devices. I
would
like to use either Radius or TACACS as the AAA part, however I'd like to
know
whether/how I could interconnect this to a 2nd auth such as a token based
RSA
securID platform
I'd appreciate any input if this is
On Wed, Aug 25, 2010 at 01:06:24PM -0700, Mark Tech wrote:
I am looking for a 2FA solution in order to connect to Cisco devices. I would
like to use either Radius or TACACS as the AAA part, however I'd like to know
whether/how I could interconnect this to a 2nd auth such as a token based RSA
Hello Mark:
-Original Message-
From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-
boun...@puck.nether.net] On Behalf Of Mark Tech
Sent: Wednesday, August 25, 2010 1:06 PM
To: cisco-nsp@puck.nether.net
Subject: [c-nsp] Router 2 factor authentication
Hi
I am looking
Out of curiosity can you tell me what led you to wanting 2FA for these
devices, and how the traditional acl/tacacs method failed your requirements?
Of course anyone who has implemented it is free to chime in, just generally
interested in peoples security concerns around this and how you feel it
Hello Ben:
-Original Message-
From: cisco-nsp-boun...@puck.nether.net [mailto:cisco-nsp-
boun...@puck.nether.net] On Behalf Of Ben Steele
Sent: Wednesday, August 25, 2010 5:42 PM
To: Mark Tech
Cc: cisco-nsp@puck.nether.net
Subject: Re: [c-nsp] Router 2 factor authentication
Out
On Thu, 26 Aug 2010 10:42:28 +1000
Ben Steele b...@bensteele.org wrote:
Out of curiosity can you tell me what led you to wanting 2FA for these
devices, and how the traditional acl/tacacs method failed your
requirements?
We are using RSA SecurID on P and PE Routers to secure the core network
12 matches
Mail list logo