• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2604
  • Last Modified:

RSA SecurID 6.1 RADIUS Server Configuration

I'm using a SecurID appliance together with my Cisco ASA to authenticate VPN users.  I also have a Cisco wireless LAN controller, and would like to use SecurID to authenticate WLAN users.  Problem is, the ASA supports SecurID's native SDI authentication mode, but the WLC only supports RADIUS.

I found a Cisco guide, which details how to get the WLC talking to SecurID via RADIUS, but I've run into a problem when setting up the built-in SecurID RADIUS server.  In Authentication Manager, under the RADIUS menu, I select Manage RADIUS Server, and receive the warning message 'RADIUS Server has not been configured'.

I've Googled this and come up empty.  I do not have a current RSA support agreement, but I contacted my sales rep, and he told me that the RADIUS server is included with the appliance, so I should already have everything I need.  I just need a guide or some help on getting the SecurID RADIUS server working.
0
FWeston
Asked:
FWeston
  • 2
1 Solution
 
arnoldCommented:
As far as configuring a radius server:
First thing you have to make sure is that you add the cisco wireless LAN controller's IP as a client on the RADIUS server that came with secureID with a secert (password that is used to authenticate the messages).
Check the log on the radius server to see whether you were getting errors dealing with invalid/unknown client, ignoring message
Presumably RSA has a knowledge base/guides for just such an occasions.

http://www.rsa.com/rsasecured/guides/imp_pdfs/Cisco_PIX_702_AuthMan61.pdf
Is an example of configuring the Appliance to be used with a PIX.

What options are available within the appliance that deal with configuring/enabling RADIUS?
0
 
FWestonAuthor Commented:
The only options I see in the appliance are what I detailed above in my original question.  I contacted my sales rep and apparently the RSA RADIUS server is a separate piece of software that runs on another server, which explains why I couldn't find anything on the appliance to configure.  He said he would get a copy of the RADIUS server and e-mail it to me since I don't have a support agreement and can't access the download on their website.  So I guess this question is solved.
0
 
FWestonAuthor Commented:
Determined that RADIUS server is a separate piece of software that must be downloaded from RSA.
0

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now