Cisco Systems PIX IOS 7.0(2) Server User Manual


 
Partner Authentication Agent Configuration
Before You Begin
This section provides instructions for integrating the partners’ product with RSA SecurID Authentication.
This document is not intended to suggest optimum installations or configurations.
It is assumed that the reader has both working knowledge of all products involved, and the ability to
perform the tasks outlined in this section. Administrators should have access to the product
documentation for all products in order to install the required components.
All vendor products/components must be installed and working prior to the integration. Perform the
necessary tests to confirm that this is true before proceeding.
Cisco PIX Security Appliance
Log on to the Cisco PIX Security Appliance and enter enable mode by typing “enable” and
supplying the enable password. Then enter configuration mode by typing “config t”. You can now
enter the commands below to turn on authentication.
VPN Configuration
Refer to the following Implementation Guide for instructions on setting up the Cisco VPN client
for use with the VPN configuration in this section.
http://rsasecurity.agora.com/rsasecured/guides/imp_pdfs/Cisco_VPN_Client_AuthMan61.pdf
RSA Native SecurID authentication configuration:
Note: The PIX Security appliance obtains the Authentication Manager’s server list when the first user
authenticates against the configured server, which can be either the primary or a replica. Defining
replica servers is not necessary when configuring Native Support.
RSA Authentication Manager:
aaa-server AuthMan6 protocol sdi
 reactivation-mode timed
aaa-server AuthMan6 host 10.100.50.37
 retry-interval 3
 timeout 13
VPN Policy:
ip local pool test 173.16.16.1-173.16.16.254
crypto ipsec transform-set myset esp-des esp-md5-hmac
crypto dynamic-map dynmap 10 set transform-set myset
crypto map mymap 10 ipsec-isakmp dynamic dynmap
crypto map mymap interface outside
isakmp enable outside
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption des
isakmp policy 10 hash md5
isakmp policy 10 group 2
tunnel-group AuthMan6Group type ipsec-ra
tunnel-group AuthMan6Group general-attributes
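Added example, not part of the Cisco/RSA guide: the VPN policy above selects DES, MD5 and Diffie-Hellman group 2, so this Python check scans a PIX configuration for those keywords and names a stronger keyword for the same command. The suggested replacements (esp-aes-256, esp-sha-hmac, aes-256, sha, group 5) are assumptions about what the appliance's software version and license support.

```python
import re

# Weak keyword -> stronger keyword for the same command. The replacements are
# assumptions: they must be supported by the appliance's software and license.
WEAK_TRANSFORM = {"esp-des": "esp-aes-256", "esp-md5-hmac": "esp-sha-hmac"}
WEAK_ISAKMP = {
    ("encryption", "des"): "aes-256",  # 56-bit key
    ("hash", "md5"): "sha",
    ("group", "1"): "5",               # 768-bit MODP group
    ("group", "2"): "5",               # 1024-bit MODP group
}

TRANSFORM_RE = re.compile(r"^crypto ipsec transform-set \S+ (.+)$")
ISAKMP_RE = re.compile(r"^(?:crypto )?isakmp policy \d+ (encryption|hash|group) (\S+)$")

# VPN policy lines copied from the configuration above.
SAMPLE = """\
ip local pool test 173.16.16.1-173.16.16.254
crypto ipsec transform-set myset esp-des esp-md5-hmac
crypto dynamic-map dynmap 10 set transform-set myset
crypto map mymap 10 ipsec-isakmp dynamic dynmap
crypto map mymap interface outside
isakmp enable outside
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption des
isakmp policy 10 hash md5
isakmp policy 10 group 2
"""

def audit(config):
    """Return (line_number, weak_setting, suggested_setting) for each weak choice."""
    findings = []
    for number, raw in enumerate(config.splitlines(), 1):
        line = raw.strip()
        match = TRANSFORM_RE.match(line)
        if match:
            # A transform set lists several algorithms on one line; check each.
            for transform in match.group(1).split():
                if transform in WEAK_TRANSFORM:
                    findings.append((number, transform, WEAK_TRANSFORM[transform]))
            continue
        match = ISAKMP_RE.match(line)
        if match and match.groups() in WEAK_ISAKMP:
            param, value = match.groups()
            findings.append((number, f"{param} {value}", f"{param} {WEAK_ISAKMP[(param, value)]}"))
    return findings

if __name__ == "__main__":
    for number, weak, better in audit(SAMPLE):
        print(f"line {number}: {weak} -> consider {better}")
```

Both ends of the tunnel must agree on the IKE and IPsec proposals, so any keyword changed on the appliance has to be matched in the VPN client profile.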