000037444 - How to integrate SWIFT Alliance Access with RSA Authentication Manager using RADIUS protocol

Document created by RSA Customer Support Employee on Jun 5, 2019Last modified by RSA Customer Support Employee on Jun 5, 2019
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000037444
Applies ToRSA Product Set:  SecurID
RSA Product/Service Type:  Authentication Manager
RSA Version/Condition: 8.x
IssueThe following steps show how to integrate the SWIFT Alliance Access with RSA Authentication Manager using RADIUS protocol.

SWIFT Alliance Access Configuration

  1. On the SWIFT device, log into the AA Web management page with the Left Security Officer (LSO) account and configure a new authentication server group.

User-added image

  1. Once you are under the RADIUS Authentication Servers Group, configure the primary server in the Future Configuration section to communicate with the Authentication Manager RADIUS server.

User-added image

Usethe following information:

  • Host Address: Provide the IP address of the Authentication Manager server
  • Key Left: This should be a value of 16 characters.  In this example the Key Left will be left111111111111.
  • Key Right: This should be a value of 16 characters.  In this example the Key Right will be right22222222222.
  • Port Number: 1812, the default RADIUS port for communication with Authentication Manager.

  1. When done, click the Save button.

If you have a replica Authentication Manager server, click the Secondary Server tab and configure it in the same way.

  1. These changes should be approved by the Right Security Officer (RSO) account. 

    1. Logon with RSO credentials.
    2. Go to User management > Authentication Server Group
    3. Click Approve.
  2. Once the RSO has approved the new configuration, the RADIUS server configuration on the SWIFT Alliance Access is done.

RSA Authentication Manager RADIUS cient configuration

  1. Login to the Security Console of the primary Authentication Manager server as a superadmin.
  2. Navigate to RADIUS > RADIUS Client > Add New.
  3. Crate the new RADIUS client by providing the following informationt to configure the device:

  • Client Name: Name of the new RADIUS client (SWIFT Alliance)
  • IP Address: IP address of the SWIFT server
  • Model: Keep the default of Standard Radius
  • Shared Secret: Enter the LSO key followed by RSO key as defined earlier.  Based on the example above, it will be left111111111111right22222222222.

  1. Click on Save and Create Associated RSA Agent.