How to integrate RSA & VPN using cisco ASA 5510 & remote internet client?

integrate RSA & VPN  using cisco ASA 5510 & remote internet client
Who is Participating?
Istvan KalmarConnect With a Mentor Head of IT Security Division Commented:

Please refer this page for mor information:

SDI Server Support

The security appliance can use RSA SecureID servers for VPN authentication. These servers are also known as SDI servers. When a user attempts to establish VPN access and the applicable tunnel-group record specifies a SDI authentication server group, the security appliance sends to the SDI server the username and one-time password and grants or denies user access based on the response from the server.

Istvan KalmarHead of IT Security Division Commented:
You can define your RSA server as an AAA server of type 'sdi' and use it to authenticate your VPN users just like a RADIUS or LDAP server.

*** RSA does not use a PSK, it downloads an encrypted *.sdi file on first connect
aaa-server RSA_VPN protocol sdi
aaa-server RSA_VPN host <primary>
aaa-server RSA_VPN host <backup>

Then set your tunnel group to authenticate against the RSA server(s):

tunnel-group rsa_ra_vpn general-attributes
authentication-server-group RSA_VPN

rajeshgcAuthor Commented:
Hi Ikalmar....
Ur reference is really very good....really thanks a lot for the URL...

Hi stsonline.....
Reallyfirst of all i'ld like to  thank u a lot for ur nice effort...
But as a beginner am not able to understand the whole thing...
Could u please explain it in details regarding "how to integrate csico ASA5510 & RSA?"
Did u implemented it anywhere? or is it the right thing to integrate it for good security purpose.?
plz do let me know....

Thanks & Regards
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.