rajeshgc
asked on
How to integrate RSA & VPN using cisco ASA 5510 & remote internet client?
integrate RSA & VPN using cisco ASA 5510 & remote internet client
You can define your RSA server as an AAA server of type 'sdi' and use it to authenticate your VPN users just like a RADIUS or LDAP server.
*** RSA does not use a PSK, it downloads an encrypted *.sdi file on first connect
aaa-server RSA_VPN protocol sdi
aaa-server RSA_VPN host <primary>
aaa-server RSA_VPN host <backup>
Then set your tunnel group to authenticate against the RSA server(s):
tunnel-group rsa_ra_vpn general-attributes
authentication-server-grou p RSA_VPN
*** RSA does not use a PSK, it downloads an encrypted *.sdi file on first connect
aaa-server RSA_VPN protocol sdi
aaa-server RSA_VPN host <primary>
aaa-server RSA_VPN host <backup>
Then set your tunnel group to authenticate against the RSA server(s):
tunnel-group rsa_ra_vpn general-attributes
authentication-server-grou
ASKER
Hi Ikalmar....
Ur reference is really very good....really thanks a lot for the URL...
Regards
Rajesh
Hi stsonline.....
Reallyfirst of all i'ld like to thank u a lot for ur nice effort...
But as a beginner am not able to understand the whole thing...
Could u please explain it in details regarding "how to integrate csico ASA5510 & RSA?"
Did u implemented it anywhere? or is it the right thing to integrate it for good security purpose.?
plz do let me know....
Thanks & Regards
Rajesh
Ur reference is really very good....really thanks a lot for the URL...
Regards
Rajesh
Hi stsonline.....
Reallyfirst of all i'ld like to thank u a lot for ur nice effort...
But as a beginner am not able to understand the whole thing...
Could u please explain it in details regarding "how to integrate csico ASA5510 & RSA?"
Did u implemented it anywhere? or is it the right thing to integrate it for good security purpose.?
plz do let me know....
Thanks & Regards
Rajesh
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Please refer this page:
http://www.cisco.com/en/US/docs/security/asa/asa80/asdm60/ssl_vpn_deployment_guide/deploy.html
Good luck,
Istvan