How to setup 2fa on Cisco routers and switches

DaMan · January 14, 2020, 5:41pm

plettich · January 27, 2020, 10:01am

Hello and welcome to the forum,

this is a quite broad question, usually these devices have the possibility to use the Radius protocol for authentication. You can plug into the radius authentication to enable 2fa.
Hope this helps.

DaMan · February 4, 2020, 1:54pm

I have to setup 2fa on our Cisco equipment. We are currently using Privacy Idea to authenticate our VPN users. Currently our Cisco equipment is configured to use ACS 5.8 for authentication. I want the second factor to use Privacy Idea and the OTP tokens. I am new to Privacy Idea. I have added some test devices to the /etc/raddb/clients.conf file. One problem is I can’t seem to get ACS and Radius to talk. I can ping between ACS and Privacy Idea. I’m not sure of what all needs to be configured for this to work. Any and all assistance is greatly appreciated. Thanks.

henry · February 4, 2020, 3:12pm

Have you configured your PI server as an external RADIUS server in ACS 5.8?

DaMan · February 4, 2020, 3:22pm

Yes. The radius server is Free Radius install on Privacy Idea server.

henry · February 4, 2020, 3:23pm

This does not answer the question I asked…