RADIUS with CAS Configuration - Cisco FTD RSA Ready SecurID Access Implementation Guide

Document created by RSA Information Design and Development Employee on Jan 25, 2019Last modified by RSA Information Design and Development Employee on Jan 25, 2019
Version 2Show Document
  • View in full screen mode

This section contains instructions on how to integrate CiscoFTD with RSA Cloud Authentication Service using RADIUS.

Architecture Diagram

RSA Cloud Authentication Service

To configure RADIUS for Cloud Authentication Service for use with a RADIUS client, you must first configure a RADIUS client in the RSA SecurID Access Console.

Logon to the RSA Cloud Administrative Console and browse to Authentication Clients > RADIUS > Add RADIUS Client and enter the Name, IP Address and Shared Secret.

Click Publish.


Cisco FTD

Follow the steps in this section to configure Cisco FTD as a RADIUS client to RSA Cloud Authentication Service.


1. Logon to Cisco Firepower Management Center and browse to ObjectsObject Management > RADIUS Server Group and click Add RADIUS Server Group.

2. Enter a Name for the server group and click + to add a RADIUS server.

3. Configure the RADIUS server settings and click Save.

  • IP Address/Hostname - Enter the hostname or IP address of your RSA Identity Router.
  • Authentication Port - Enter 1812.
  • Key - Enter the RADIUS shared secret to match as entered in the RADIUS client in RSA Cloud Administation Console.

4. (Optional) click + to add RADIUS servers for any RSA Authentication Manager replica servers.

5. Click to Save the RADIUS Server Group.


Next Step: Proceed to the Use Case Configuration Summary section for information on how to apply the RADIUS configuration to your use case.