Software tokens possible ???
-
Hi all,
I understand the pfsense Captive Portal feature is similar to the Cisco "authentication proxy".
Has anyone tried or does anyone know if it would be possible to authenticate with a commercial or open source software token (WiKiD or SecurID) instead of going through a browser login/password combination?
thanks,
Dave -
You can sponsor it.
-
@ermal:
You can sponsor it.
Ok, can someone give me a ballpark estimate as to the amount of work involved?
-
go here and ask
-
Are you sure there is a problem here?
I'm not running pfSense, but the docs <http: tinyurl.com="" yc6yrvp="">say pfSense's Captive Portal feature supports RADIUS. The RSA Authentication Manager, the authentication server needed to support RSA SecurIDs – hardware tokens or software token-emulation apps -- includes an 802.1x-compliant RADIUS server, built around the Juniper Steel Belted RADIUS. (The RSA RADIUS server supports both PAP and EAP authentication protocols, including POTP, TTLS, PEAP, and EAP15.) See: <http: www.rsa.com="" node.aspx?id="1166">and <http: www.rsa.com="" node.aspx?id="1167">.
Looks like a match! All the pieces are in place, so if it doesn't work, it can't be a major challenge to make it work. (I'm a consultant to RSA so I know the SecurID world best. but I'm certain both the free and commercial versions of WikiD <http: www.wikidsystems.com="">are also fully RADIUS-compatible. I would be surprised if any commercial two-factor authentication system does not today support RADIUS.)
Suerte,
_VinHi all,
I understand the pfsense Captive Portal feature is similar to the Cisco "authentication proxy".
Has anyone tried or does anyone know if it would be possible to authenticate with a commercial or open source software token (WiKiD or SecurID) instead of going through a browser login/password combination?
thanks,
Dave</http:></http:></http:></http:>