Partner Authentication Agent Configuration
Before You Begin
This section provides instructions for integrating the partners’ product with RSA SecurID Authentication. This document is not intended to suggest optimum installations or configurations.
It is assumed that the reader has both working knowledge of all products involved, and the ability to perform the tasks outlined in this section. Administrators should have access to the product documentation for all products in order to install the required components.
All vendor products/components must be installed and working prior to the integration. Perform the necessary tests to confirm that this is true before proceeding.
Cisco PIX Security Appliance
Log onto the Cisco PIX Security Appliance and enter enable mode, by typing the word “enable” and giving the enable password. Then enter configuration mode by typing “config t”. You are now able to enter the commands below to turn on authentication.
VPN Configuration
Please refer to the following Implementation Guide for instructions on setting up the Cisco VPN client to use with the VPN configuration section.
http://rsasecurity.agora.com/rsasecured/guides/imp_pdfs/Cisco_VPN_Client_AuthMan61.pdf
RSA Native SecurID authentication configuration:
Note: The PIX Security appliance obtains the Authentication Manager’s server list when the first user authenticates, which can be either the primary or a replica. Defining replica servers is not necessary when configuring Native Support.
RSA Authentication Manager:
timeout 13
VPN Policy:
ip local pool test
crypto ipsec
isakmp enable outside
isakmp policy 10 | authentication | ||
isakmp policy 10 | encryption des | ||
isakmp | policy | 10 | hash md5 |
isakmp | policy | 10 | group 2 |
5