Windows Environment 2FA using an Android or iOS App

  • So I'm looking for some "reasonable" solutions for 2FA to connect to a Cisco VPN with a Windows Network.

    • What needs to be configured server side?

    • How do I get the "App" ?

    • Any pricing available?

    Anything else that I'm missing?

  • can you provide more details on the goal, or how you see this functioning?

  • The goal is to have a cheap user device (chromebook or other simple laptop) that our employees will have.

    They connect to our corporate VPN, get prompted for 2FA authentication token and then allowed to connect.

    Once that connection is made, then they they have an RDP icon on the work space that connects them to a TS running what they need to work.

    Or the connection to the VPN opens the connection automatically.

  • Cisco VPN and Cheaper... not normally a combination that goes together 😉

    Why not a web gateway?

  • This is be an interesting project - I haven't done anything with 2FA yet - and only seen Scott's 2FA jump box project as a setup.

  • Why not just do an SSH tunnel through a Linux box with 2FA. My jump box has 2FA with Google Authenticator, and when I create the tunnel it asks me for my auth code. Then I just use Chrome RDP to connect.

    You can save the connection in the Chromebook and all they need to fill in is the username and password. Same with RDP, you can save the connection settings, and just have them fill in username and password info.

  • DuoSecurity

  • Banned

    NPS will handle the 2FA you connect it is with Radius. Works well for us.

    We use SecurID as our provider which can be either software (iphone/android app)or RSA keyfob.