Solved

How to integrate RSA & VPN  using cisco ASA 5510 & remote internet client?

Posted on 2009-07-06
5
2,205 Views
Last Modified: 2012-05-07
integrate RSA & VPN  using cisco ASA 5510 & remote internet client
0
Comment
Question by:rajeshgc
  • 2
5 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
Comment Utility
0
 
LVL 10

Expert Comment

by:stsonline
Comment Utility
You can define your RSA server as an AAA server of type 'sdi' and use it to authenticate your VPN users just like a RADIUS or LDAP server.

*** RSA does not use a PSK, it downloads an encrypted *.sdi file on first connect
aaa-server RSA_VPN protocol sdi
aaa-server RSA_VPN host <primary>
aaa-server RSA_VPN host <backup>

Then set your tunnel group to authenticate against the RSA server(s):

tunnel-group rsa_ra_vpn general-attributes
authentication-server-group RSA_VPN

0
 

Author Comment

by:rajeshgc
Comment Utility
Hi Ikalmar....
Ur reference is really very good....really thanks a lot for the URL...
Regards
Rajesh

Hi stsonline.....
Reallyfirst of all i'ld like to  thank u a lot for ur nice effort...
But as a beginner am not able to understand the whole thing...
Could u please explain it in details regarding "how to integrate csico ASA5510 & RSA?"
Did u implemented it anywhere? or is it the right thing to integrate it for good security purpose.?
plz do let me know....

Thanks & Regards
Rajesh
0
 
LVL 34

Accepted Solution

by:
Istvan Kalmar earned 500 total points
Comment Utility
HI,

Please refer this page for mor information:
http://filedb.experts-exchange.com/incoming/2008/09_w36/56525/CiscoPIX-701-AuthMan6.pdf

SDI Server Support

The security appliance can use RSA SecureID servers for VPN authentication. These servers are also known as SDI servers. When a user attempts to establish VPN access and the applicable tunnel-group record specifies a SDI authentication server group, the security appliance sends to the SDI server the username and one-time password and grants or denies user access based on the response from the server.

0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now