From: Guyler, Rik (rguyler@shp-dayton.org)
Date: Wed Sep 14 2005 - 16:29:11 GMT-3
The 3000 series does support new PIN mode. I use RSA on the backend with
ACS in the middle and new PIN mode works fine. Also works fine with my
AS5300, which is really just a router on steroids.
Rik
-----Original Message-----
From: Jens Petter Eikeland [mailto:jenseike@start.no]
Sent: Wednesday, September 14, 2005 6:26 AM
To: 'Wing Lam'; ccielab@groupstudy.com
Subject: SV: PIX 7.0 ACE authen
Hi there,
A few of the NASes supported by Cisco Secure ACS either do not support "new
PIN mode" functionality or support it in a limited fashion. New PIN mode is
when token-card users can be required to enter new PINs at login.
The following two types of NASes do not support new PIN mode functionality:
* Cisco Secure VPN 3000 Concentrator
* Cisco Secure PIX Firewall
Additionally, Cisco IOS routers can support new PIN mode functionality with
specific configuration.
Regards
Jens Petter Eikeland
-----Opprinnelig melding-----
Fra: nobody@groupstudy.com [mailto:nobody@groupstudy.com] Pe vegne av Wing
Lam
Sendt: 14. september 2005 12:07
Til: ccielab@groupstudy.com
Emne: PIX 7.0 ACE authen
Dear Group;
Sorry for OT, has any body try to use PIX for client-to-site VPN connect,
which users will be authen by ACE secure token? Here I would like to ask the
following:
1) Can PIX connect to ACE Server directly without the use of Radius?
2) If yes, can this VPN client supports new PIN mode of this VPN connection?
3) If no, can this VPN client supports new PIN mode of this VPN connection
by Radius authentication?
4) Any link can be reference?
Thanks a lot,
BBD
This archive was generated by hypermail 2.1.4 : Sun Oct 02 2005 - 14:40:15 GMT-3