Cisco ASA Multi-Factor Authentication (MFA/2FA)

Secure remote access to Cisco ASA VPNs with LoginTC two-factor authentication (2FA). Easy for end-users to enroll and log into Cisco ASA using AnyConnect or browser-based clientless access. Cisco MFA helps prevent account takeovers.

Multiple authentication methods like Push-based authentication, Software One-Time Passwords (OTP), Hardware Tokens, Bypass Codes and Email One-Time Passwords ensure end-users can always login securely.

Direct integration with Active Directory means you can still leverage passwords as a first factor. Users can also be synchronized from Active Directory for a streamlined rollout.

Enable LoginTC with Cisco ASA to add multi-factor authentication (MFA) to your remote access deployment and keep your organization secure.

Cisco 2FA Documentation

Add LoginTC MFA to your Cisco ASA VPN and keep your organization’s remote access deployment secure.

Our comprehensive documentation allows for streamlined deployment with detailed steps on how to configure and manage multi-factor authentication for your organization.

Read the Cisco ASA SSL VPN 2FA Guide

Read the Cisco ASA IPSec 2FA Guide

Video Walkthrough

LoginTC can be added to your Cisco ASA VPN end to end in just over ten minutes.

Follow along the guided tutorial and raise your organization’s cyber security posture.

Watch the video

Frequently Asked Questions

Can a user use one token to login to every application?

Yes, a single LoginTC authentication token can be used to login to all your connected applications and services.

What authentication methods can I use to login?

You can use any of our LoginTC authentication methods, including:

Software OTP
Hardware OTP
Push Authentication
Desktop Authentication
SMS Passcode
Email Passcode
Phone Call
FIDO2 Token
Passcode Grid
QR Scan
Push Number Matching
Bypass Code

Does MFA get bypassed if the service can’t be reached?

No, LoginTC MFA cannot be bypassed.

Can I control who gets challenged with MFA?

Yes, you can control who gets challenged with static username lists, or Active Directory group membership.

Is this compatible with all versions of Cisco VPN?

Yes, this is compatible with all RADIUS-speaking Cisco VPNs.

Simple for end users

Easy Deployment Process

Utilize existing devices

Standardized for compliance

Trusted Worldwide

65+

Countries Served

10K+

Use Cases

2013

Year Released

Your product works as is advertised and that's all we needed.

-- Alex Zubarev, Network Administrator

I would definitely recommend LoginTC to another company in my position.

-- Ian Dickeson - IT Systems Manager for CMHA Kootenays

With offices in three different locations, it was important for the firm to find a way for all employees to have access to the headquarters database without disrupting their ability to work on time sensitive cases.

-- Col Shaw, IT Manager

I would totally recommend the LoginTC solution to anyone looking for an easy-to-deploy and reliable Two-Factor Authentication solution.

-- Manuel J. Gomez, IT Infrastructure Supervisor

I would recommend LoginTC for two reasons. First, your customer support is superb. Second, LoginTC has been stable. I've never had a user complain that they were not able to login due to 2FA issues. LoginTC always just works. That in and of itself is worth a lot.

-- Anthony Mott, VP of IT Infrastructure