Solved

How to integrate RSA & VPN  using cisco ASA 5510 & remote internet client?

Posted on 2009-07-06
5
2,211 Views
Last Modified: 2012-05-07
integrate RSA & VPN  using cisco ASA 5510 & remote internet client
0
Comment
Question by:rajeshgc
  • 2
5 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 24783764
0
 
LVL 10

Expert Comment

by:stsonline
ID: 24808918
You can define your RSA server as an AAA server of type 'sdi' and use it to authenticate your VPN users just like a RADIUS or LDAP server.

*** RSA does not use a PSK, it downloads an encrypted *.sdi file on first connect
aaa-server RSA_VPN protocol sdi
aaa-server RSA_VPN host <primary>
aaa-server RSA_VPN host <backup>

Then set your tunnel group to authenticate against the RSA server(s):

tunnel-group rsa_ra_vpn general-attributes
authentication-server-group RSA_VPN

0
 

Author Comment

by:rajeshgc
ID: 24856788
Hi Ikalmar....
Ur reference is really very good....really thanks a lot for the URL...
Regards
Rajesh

Hi stsonline.....
Reallyfirst of all i'ld like to  thank u a lot for ur nice effort...
But as a beginner am not able to understand the whole thing...
Could u please explain it in details regarding "how to integrate csico ASA5510 & RSA?"
Did u implemented it anywhere? or is it the right thing to integrate it for good security purpose.?
plz do let me know....

Thanks & Regards
Rajesh
0
 
LVL 34

Accepted Solution

by:
Istvan Kalmar earned 500 total points
ID: 24856829
HI,

Please refer this page for mor information:
http://filedb.experts-exchange.com/incoming/2008/09_w36/56525/CiscoPIX-701-AuthMan6.pdf

SDI Server Support

The security appliance can use RSA SecureID servers for VPN authentication. These servers are also known as SDI servers. When a user attempts to establish VPN access and the applicable tunnel-group record specifies a SDI authentication server group, the security appliance sends to the SDI server the username and one-time password and grants or denies user access based on the response from the server.

0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Three simple tips to quickly and efficiently back up and protect the contents of your PC and Mac®.
A customer recently asked me about anti-malware and the different deployment options available for his business. Daily news about cyberattacks, zero-day vulnerabilities, and companies that suffered a security breach made him wonder if the endpoint a…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now