RADIUS with AM Configuration - Cisco FTD RSA Ready SecurID Access Implementation Guide
Originally Published: 2019-01-25

This section contains instructions on how to integrate Cisco FTD with RSA Authentication Manager using RADIUS.

Architecture Diagram

[Figure: RADIUS with RSA Authentication Manager architecture diagram]

RSA Authentication Manager

To configure your RSA Authentication Manager for use with a RADIUS Agent, you must configure a RADIUS client and a corresponding agent host record in the Authentication Manager Security Console.

The relationship of agent host record to RADIUS client in Authentication Manager can be 1 to 1, 1 to many, or 1 to all (global).

RSA Authentication Manager listens on ports UDP 1645 and UDP 1812.

 

Cisco FTD

Follow the steps in this section to configure Cisco FTD as a RADIUS client to RSA Authentication Manager.

Procedure

1. Log on to Cisco Firepower Management Center, browse to Objects > Object Management > RADIUS Server Group, and click Add RADIUS Server Group.


2. Enter a Name for the server group and click + to add a RADIUS server.


3. Configure the RADIUS server settings and click Save.


  • IP Address/Hostname - Enter the hostname or IP address of your RSA Authentication Manager server.
  • Authentication Port - Enter either 1645 or 1812.
  • Key - Enter the RADIUS shared secret. It must match the secret entered for the RADIUS client in the RSA Authentication Manager Security Console.

4. (Optional) Click + to add RADIUS servers for any RSA Authentication Manager replica servers.


5. Click Save to save the RADIUS Server Group.
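Why the Key in step 3 has to match the RADIUS client record in the Security Console: the following Python sketch is an added example, not part of the RSA or Cisco guide. It implements the two RFC 2865 operations that depend on the shared secret (User-Password hiding and the Response Authenticator) and shows that a one-character mismatch breaks both. The key strings, passcode and function names are constructed for illustration.

```python
import hashlib, hmac, os, struct

ACCESS_ACCEPT = 2  # RADIUS packet code (RFC 2865)

def _xor_block(block, secret, prev):
    key = hashlib.md5(secret + prev).digest()
    return bytes(a ^ b for a, b in zip(block, key))

def hide_password(password, secret, request_auth):
    """Client side: RFC 2865 5.2 User-Password hiding, keyed by the shared secret."""
    padded = password.ljust(max(16, (len(password) + 15) // 16 * 16), b"\x00")
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        prev = _xor_block(padded[i:i + 16], secret, prev)
        out += prev
    return out

def unhide_password(hidden, secret, request_auth):
    """Server side: reverse the hiding using the server's copy of the secret."""
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        out += _xor_block(hidden[i:i + 16], secret, prev)
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")

def build_response(code, ident, attrs, request_auth, secret):
    """Server side: authenticator = MD5(Code+ID+Length+RequestAuth+Attrs+Secret)."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    auth = hashlib.md5(header + request_auth + attrs + secret).digest()
    return header + auth + attrs

def verify_response(packet, request_auth, secret):
    """Client side: recompute the authenticator with the locally configured key."""
    if len(packet) < 20 or struct.unpack("!H", packet[2:4])[0] != len(packet):
        return False
    expected = hashlib.md5(packet[:4] + request_auth + packet[20:] + secret).digest()
    return hmac.compare_digest(expected, packet[4:20])

def simulate(client_key, server_key, passcode=b"12345678"):
    """Return (server recovered the passcode, client accepted the reply)."""
    request_auth = os.urandom(16)
    hidden = hide_password(passcode, client_key, request_auth)
    recovered = unhide_password(hidden, server_key, request_auth)
    reply = build_response(ACCESS_ACCEPT, 1, b"", request_auth, server_key)
    return recovered == passcode, verify_response(reply, request_auth, client_key)

if __name__ == "__main__":
    # Constructed sample keys; not values from the guide.
    print("matching keys  :", simulate(b"constructed-secret", b"constructed-secret"))
    print("mismatched keys:", simulate(b"constructed-secret", b"constructed-secreT"))
```

With mismatched keys the server decodes a garbage passcode and the client discards the reply, so a wrong Key typically shows up as failed or timed-out authentications rather than an explicit "bad secret" error.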


Next Step: Proceed to the Use Case Configuration Summary section for information on how to apply the RADIUS configuration to your use case.