On Dec 20, 2019, at 8:48 AM, Anton Kiryushkin <swood@fotofor.biz> wrote:
Nice to get an answer from you. The First factor is password stored in DB. Second is SMS.
No, it is not for wifi; it is for VPN.
OK, that's good.
As far as I understand, Cisco ASA sends the request to the radius with the final data: login, password, OTP-code.
How? That matters. Usually, people use login name, and then take the 6 digit OTP, and add it to the password, e.g. User-Name = "bob" User-Password = "123456my_secret_password"
The only possible way to auth with the OTP is to generate it via phone application like Google Authenticator. My question is, does it possible to send an SMS instead of using the application.
FreeRADIUS doesn't send SMSs directly. It has to use a third-party application to send SMSs. Alan DeKok.