Last updated on May 29, 2025
Multi-Factor Authentication (MFA) for Cisco VPN is an extra layer of security added to the traditional username and password credentials during logins. Cisco VPN Two-Factor Authentication provides top-notch security for users who log in to Cisco AnyConnect VPN, Cisco PPTP VPN, Cisco L2TP VPN, and more. Even if hackers steal a user’s password, Cisco VPN 2FA will stop them from connecting to the corporate network.
Overview
Rublon integrates with Cisco VPN to enable Two-Factor Authentication (2FA) for Cisco VPN user logins, including Cisco ASA, Cisco AnyConnect VPN, Cisco SSL VPN, Cisco L2TP VPN, and Cisco PPTP VPN.
Rublon introduces Two-Factor Authentication to Cisco VPN in a number of ways.
Before You Start
- Ensure you have properly configured Cisco VPN.
- Ensure that you have properly set up your authentication source, that is, an external Identity Provider (IdP) like FreeRADIUS, Microsoft Active Directory, or OpenLDAP.
- Ensure your Cisco hardware and software works correctly, especially that users can successfully log in prior to enabling Rublon Two-Factor Authentication.
Configuration
Refer to the following instructions depending on your Cisco version.
Enable 2FA for Cisco AnyConnect VPN with Cisco FTD Firepower Firewall
MFA for Cisco AnyConnect VPN with Cisco FTD Firepower Firewall is an extra layer of security to ensure only the intended user is logging to the VPN. Cisco FTD FirePower Firewall MFA requires the user to go through both primary (login/password) and secondary (e.g., Mobile Push) authentication. This means that even if a cybercriminal knows a user’s password, they cannot gain access via the Cisco AnyConnect Mobility Client VPN without completing the second authentication step.
Rublon Multi-Factor Authentication (MFA) for Cisco AnyConnect VPN with Cisco FTD Firepower Firewall allows you to add an extra layer of security to your VPN logins.
Rublon MFA for Cisco AnyConnect VPN with Cisco FTD Firepower Firewall enables Multi-Factor Authentication (MFA) / Two-Factor Authentication (2FA) during VPN logins. If a user enters the correct username and password, they proceed to the secondary authentication method. If the user is unable to complete the extra method, Rublon will deny their access, stopping any potential intruder from gaining access.
Rublon Authentication Proxy is used for integration via the RADIUS and LDAP protocols.
2FA for Cisco AnyConnect VPN with Cisco FTD Firepower Firewall using RADIUS
Integrate Cisco FTD Firepower Firewall with Rublon to introduce Multi-Factor Authentication (MFA) to your Cisco AnyConnect VPN logins. You have to install and configure Rublon Authentication Proxy before configuring Rublon MFA for Cisco FirePower Management using RADIUS.
MFA for Cisco AnyConnect VPN with Cisco FTD Firepower Firewall – RADIUS
2FA for Cisco AnyConnect VPN with Cisco FTD Firepower Firewall using LDAP(S)
Integrate Cisco FTD Firepower Firewall with Rublon to introduce Multi-Factor Authentication (MFA) to your Cisco AnyConnect VPN logins. You have to install and configure Rublon Authentication Proxy before configuring Rublon MFA for Cisco FirePower Management using LDAP.
MFA for Cisco AnyConnect VPN with Cisco FTD Firepower Firewall – LDAP(S)
Enable 2FA for Cisco AnyConnect VPN with ASA
If you would like to enable Two-Factor Authentication (2FA) for Cisco AnyConnect VPN with ASA, refer to:
MFA for Cisco AnyConnect VPN with ASA
Enable 2FA for Cisco RV Series VPN (SSL, PPTP, L2TP)
If you would like to enable Two-Factor Authentication (2FA) for a Cisco RV Series router with Cisco SSL VPN, Cisco PPTP VPN, or Cisco L2TP VPN, refer to:
MFA for Cisco RV Series VPN
Enable 2FA for Cisco FirePower Management
MFA for Cisco FirePower Management is an extra layer of security to ensure only the intended user is logging into the admin interface. Cisco FirePower Management MFA requires the user to go through both primary (login/password) and secondary (e.g., Mobile Push) authentication. This means that even if a cybercriminal knows a user’s password, they cannot access the FirePower Management interface without completing the second step of authentication.
Rublon Multi-Factor Authentication (MFA) for Cisco FirePower Management allows you to add an extra layer of security to your web UI admin interface logins. MFA for FirePower Management is done using the Rublon Authentication Proxy.
Rublon MFA for Cisco FirePower Management enables Multi-Factor Authentication (MFA) / Two-Factor Authentication (2FA) during Web UI logins. If a user enters the correct username and password, they proceed to the secondary authentication method. If the user is unable to complete the extra method, Rublon will deny their access, stopping any potential intruder from gaining access.
Rublon Authentication Proxy is used for integration via the RADIUS and LDAP protocols.
2FA for Cisco FirePower Management using RADIUS
Integrate Cisco FirePower Management with Rublon to introduce Multi-Factor Authentication (MFA) to your logins. You have to install and configure Rublon Authentication Proxy before configuring Rublon MFA for Cisco FirePower Management using RADIUS.
MFA for Cisco FirePower Management – RADIUS
2FA for Cisco FirePower Management using LDAP(S)
Integrate Cisco FirePower Management with Rublon to introduce Multi-Factor Authentication (MFA) to your logins. You have to install and configure Rublon Authentication Proxy before configuring Rublon MFA for Cisco FirePower Management using LDAP(S).
MFA for Cisco FirePower Management – LDAP(S)
Troubleshooting
If you encounter any issues with your Rublon integration, please contact Rublon Support.
