This section describes how to integrate BeyondTrust CorporationBeyondInsight with RSA Cloud Authentication Service using RADIUS.
Configure RSA Cloud Authentication Service
To configure RADIUS for Cloud Authentication Service for use with a RADIUS client, you must first configure a RADIUS client in the RSA SecurID Access Console.
Sin into the RSA Cloud Administrative Console and browse to Authentication Clients > RADIUS > Add RADIUS Client and enter the Name, IP Address and Shared Secret.
Configure BeyondTrust Corporation BeyondInsight
Perform these steps to configure BeyondTrust Corporation BeyondInsight as a RADIUS client to RSA Cloud Authentication Service.
- Login to BeyondTrust BeyondInsight and browse to Configuration > Radius two factor authentication
- Click on Create RADIUS Alias.
- Add RADIUS server details.
- Filter - Select "All Users" if all the mapped AD users are needed for RADIUS authentication.
- Host - Enter IP Address of RSA Identity Router.
- Authentication Mechanism - Select as PAP.
- Authentication Request Timeout - Recommended 45 Seconds
- Authentication Port - Set to 1812 or 1645.
- Shared Secret - Enter the RADIUS shared secret. It must match the secret as entered in the RSA RADIUS server.
- Click Save Changess
In the RADIUS client settings configured in the Cloud Administration Console (Authentication Clients > RADIUS), if Automatically prompt for push notification methods is enabled, make sure the server timeout (Allow users to select authentication method after timeout) does not exceed the client’s connection timeout.
Next Step: Proceed to the Use Case Configuration Summary section for information on how to apply the RADIUS configuration to your use case.