Partner Authentication Agent Configuration
Before You Begin
This section provides instructions for integrating the partners’ product with RSA SecurID Authentication. This document is not intended to suggest optimum installations or configurations.
It is assumed that the reader has both working knowledge of all products involved, and the ability to perform the tasks outlined in this section. Administrators should have access to the product documentation for all products in order to install the required components.
All vendor products/components must be installed and working prior to the integration. Perform the necessary tests to confirm that this is true before proceeding.
Cisco configuration:
Log onto the Cisco remote access server and enter enable mode, by typing the word “enable” and giving the enable password. Then enter configuration mode by typing “config t”. You are now able to enter the commands below to turn on authentication. To turn off one of the commands put the word “no” in front of the command line and you will turn off that line.
Note: For remote access use the Cisco IOS Routers configuration section.. For VPN access use the Cisco IOS VPN Router section.
Cisco IOS Routers
Note: CHAP authentication is not supported when using RSA SecurID authentication.
Tacacs+ commands
aaa
aaaauthentication login default tacacs+ line enable aaa authentication ppp default tacacs+
RADIUS commands
aaa
aaaauthentication login default radius line enable aaa authentication ppp default radius
5