Radius service with multiple external authentication sources
03-14-2019 03:13 PM
I have a 'Network Device Radius Authentication' service defined. I currently have our RSA Token server defined for authentication, and AD for authorization. This works fine. However, when I add AD as an additional authentication, ClearPass requires successful authentication from both external authentication sources (AND instead of OR). What I am trying to do is allow a serivce account in AD to authenticate (does not have a token), and admins to authenticate using their RSA token. With both authenticators added, when I login to a network device, it requires me to authenticate with my RSA token first, then with my AD password.