You are configuring a connection profile for clientless SSL VPN connections. You have accessed the Add Clientless SSL VPN Connection Profile dialog box in ASDM.
Which of the following authentication methods can you configure in this dialog box? (Select the best answer.)
- only AAA
- only OTP
- only digital certificates
- both AAA and OTP
- both AAA and digital certificates
You can configure Authentication, Authorization, and Accounting (AAA) and digital certificate authentication on the Add Clientless SSL VPN Connection Profile dialog box in Cisco Adaptive Security Device Manager (ASDM). Connection profiles are used to separate remote virtual private network (VPN) users into groups. For example, you can use one connection profile for contractors and another connection profile for managers, with each profile providing access to different resources.
You can configure a new connection profile by using ASDM. To configure a new connection profile for clientless Secure Sockets Layer (SSL) VPN connections by using ASDM, you should click Configuration, click the Remote Access VPN button, expand Clientless SSL VPN Access, and click Connection Profiles, which will open the Connection Profiles configuration pane. From this pane, you can view a list of existing connection profiles and you can create new connection profiles. You should click the Add button under Connection Profiles in the Connection Profiles screen to create a new connection profile and to open the Add Clientless SSL VPN Connection Profile dialog box, which is shown in the following exhibit:
In this dialog box, you can configure the connection profile details, including the authentication method to use, the Domain Name System (DNS) server to use, and the group policy to apply to the connection profile. There are two authentication methods that are supported: AAA and Certificate. You can configure the connection profile to use either or both of the methods.
You cannot configure onetime passwords (OTPs) as an authentication method for connection profiles on the Add Clientless SSL VPN Connection Profile dialog box in ASDM. OTP is a two factor user authentication method that typically uses a personal identification number (PIN) in conjunction with code generated by a hardware or software token. The token is synchronized with a central server and periodically generates a code. The code is only valid until the next code is generated, which typically occurs in less than 60 seconds.