Partner Authentication Agent Configuration
Setting Up RSA SecurID Authentication (Command Line Interface)
You can implement SecurID authentication at the server level and for specific interfaces and asynchronous ports on the LX unit. You must implement RSA SecurID Authentication at the server level before you can implement it on specific interfaces and asynchronous ports on the LX unit.
The basic steps for configuring SecurID authentication on the LX unit are:
1.Specifying the RSA Authentication Manager Server settings on the LX.
2.Installing and configuring the SecurID server on a
3.Configuring a RSA Authentication Manager Local Subscriber. (optional)
Specifying the RSA Authentication Manager Server Settings on the LX
Perform the following operations to specify the RSA Authentication Manager settings on the LX unit:
1.Check the primary RSA Authentication Manager Server host to ensure that the RSA Authentication Manager application is running.
2.Access the AAA Command Mode on the LX
3.Use the securid authentication version command to specify the RSA Authentication Manager authentication version for the LX unit. You can specify the authentication version as Version 5, or
Login: InReach
Password: access
InReach:0> enable
Password: system
InReach:0>> configuration
AAA:0 >>securid authentication version version_5
AAA:0 >>securid authentication version legacy
4.Use the securid authentication port command to specify the socket your RSA Authentication Manager server is listening to; for example:
AAA:0 >>securid authentication port 1687
Note: The LX listens to port 5500 by default.
5.Use the securid primary authentication server address command to specify the IP address of the RSA Authentication Manager Primary; for example:
AAA:0 >>securid primary authentication server address 10.242.131.11
6.Use the securid authentication encryption command to specify the RSA SecurID encryption method for the LX unit. You can specify DES or SDI as the encryption method; for example:
AAA:0 >>securid authentication encryption des
AAA:0 >>securid authentication encryption sdi
7.To verify the LX configuration, execute the show securid characteristics command at the superuser command prompt; for example:
AAA:0 >>show securid characteristics
Note: To clear the node secret from the LX unit, use the ‘zero securid secret’ command.
4