RADIUS with AM Configuration - Cisco FTD RSA Ready SecurID Access Implementation Guide

Document created by RSA Information Design and Development Employee on Jan 25, 2019Last modified by RSA Information Design and Development Employee on Jan 25, 2019
Version 2Show Document
  • View in full screen mode

This section contains instructions on how to integrate Cisco FTD with RSA Authentication Manager using RADIUS.

Architecture Diagram

RSA Authentication Manager

To configure your RSA Authentication Manager for use with a RADIUS Agent, you must configure a RADIUS client and a corresponding agent host record in the Authentication Manager Security Console.

The relationship of agent host record to RADIUS client in the Authentication Manager can 1 to 1, 1 to many or 1 to all (global).

RSA Authentication Manager listens on ports UDP 1645 and UDP 1812.


Cisco FTD

Follow the steps in this section to configure Cisco FTD as a RADIUS client to RSA Authentication Manager.


1. Logon to Cisco Firepower Management Center and browse to ObjectsObject Management > RADIUS Server Group and click Add RADIUS Server Group.


2. Enter a Name for the server group and click + to add a RADIUS server.

3. Configure the RADIUS server settings and click Save.

  • IP Address/Hostname - Enter the hostname or IP address of your RSA Authentication Manager server.
  • Authentication Port - Enter either 1645 or 1812.
  • Key - Enter the RADIUS shared secret to match as entered in the RADIUS client in RSA Authentication Manager Security Console.

4. (Optional) click + to add RADIUS servers for any RSA Authentication Manager replica servers.

5. Click to Save the RADIUS Server Group.


Next Step: Proceed to the Use Case Configuration Summary section for information on how to apply the RADIUS configuration to your use case.