RSA Security 3.6.0 manual Partner Authentication Agent Configuration

Page 4

Partner Authentication Agent Configuration

Setting Up RSA SecurID Authentication (Command Line Interface)

You can implement SecurID authentication at the server level and for specific interfaces and asynchronous ports on the LX unit. You must implement RSA SecurID Authentication at the server level before you can implement it on specific interfaces and asynchronous ports on the LX unit.

The basic steps for configuring SecurID authentication on the LX unit are:

1.Specifying the RSA Authentication Manager Server settings on the LX.

2.Installing and configuring the SecurID server on a Network-based Host.

3.Configuring a RSA Authentication Manager Local Subscriber. (optional)

Specifying the RSA Authentication Manager Server Settings on the LX

Perform the following operations to specify the RSA Authentication Manager settings on the LX unit:

1.Check the primary RSA Authentication Manager Server host to ensure that the RSA Authentication Manager application is running.

2.Access the AAA Command Mode on the LX

3.Use the securid authentication version command to specify the RSA Authentication Manager authentication version for the LX unit. You can specify the authentication version as Version 5, or pre-Version 5 (legacy); for example:

Login: InReach

Password: access

InReach:0> enable

Password: system

InReach:0>> configuration

AAA:0 >>securid authentication version version_5

AAA:0 >>securid authentication version legacy

4.Use the securid authentication port command to specify the socket your RSA Authentication Manager server is listening to; for example:

AAA:0 >>securid authentication port 1687

Note: The LX listens to port 5500 by default.

5.Use the securid primary authentication server address command to specify the IP address of the RSA Authentication Manager Primary; for example:

AAA:0 >>securid primary authentication server address 10.242.131.11

6.Use the securid authentication encryption command to specify the RSA SecurID encryption method for the LX unit. You can specify DES or SDI as the encryption method; for example:

AAA:0 >>securid authentication encryption des

AAA:0 >>securid authentication encryption sdi

7.To verify the LX configuration, execute the show securid characteristics command at the superuser command prompt; for example:

AAA:0 >>show securid characteristics

Note: To clear the node secret from the LX unit, use the ‘zero securid secret’ command.

4

Page 3 Page 5
Image 4
Page 3 Page 5
Contents Partner Information Product InformationSolution Summary Product RequirementsAgent Host Configuration Partner Authentication Agent Configuration Setting Up RSA SecurID Authentication Command Line InterfaceRSA SecurID Local Subscriber Feature RSA SecurID Authentication Command ExamplesRSA SecurID sdconf.rec Setting Up RSA SecurID Authentication Web Interface Page Setting Up Radius Command Line Interface Setting Up Radius Web Interface Page Setting Up TACACS+ TACACS+ Primary Authentication Server CommandsTACACS+ Primary Accounting Server Commands TACACS+ Secondary Authentication Server CommandsSetting Up TACACS+ Web Interface Page Certification Checklist LX SeriesMandatory Functionality RSA Native Protocol Radius Protocol Additional Functionality
Top Page Image Contents