BeyondTrust Corporation BeyondInsight6.10 - RADIUS with AM Configuration - RSA Ready SecurID Access Implementation Guide

Document created by RSA Information Design and Development Employee on May 19, 2020Last modified by RSA Information Design and Development Employee on May 19, 2020
Version 3Show Document
  • View in full screen mode

This section describes how to integrate BeyondTrust Corporation BeyondInsight with RSA Authentication Manager using RADIUS.

Architecture Diagram

Configure RSA Authentication Manager

To configure your RSA Authentication Manager for use with a RADIUS Agent, you must configure a RADIUS client and a corresponding agent host record in the Authentication Manager Security Console.

The relationship of agent host record to RADIUS client in the Authentication Manager can 1 to 1, 1 to many or 1 to all (global).

RSA Authentication Manager listens on ports UDP 1645 and UDP 1812.

 

Configure BeyondTrust Corporation BeyondInsight

Perform these steps to configure BeyondTrust Corporation BeyondInsight as a RADIUS client to RSA Authentication Manager.

Procedure

  1. Login to BeyondTrust BeyondInsight and browse to Configuration > Radius two factor authentication
  2. Click on Create RADIUS Alias.
  3. Add RADIUS server details.
    1. Filter - Select "All Users" if all the mapped AD users are needed for RADIUS authentication.
    2. Host - Enter IP Address of RSA Authentication Manager server.
    3. Authentication Mechanism - Select as PAP
    4. Authentication Port - Set to 1812 or 1645
    5. Authentication Request Timeout - Recommended 45 Seconds
    6. Shared Secret - Enter the RADIUS shared secret. It must match the secret as entered in the RSA RADIUS server.
  4. Click Save Changes

Next Step: Proceed to the Use Case Configuration Summary section for information on how to apply the RADIUS configuration to your use case.

 
You are here
BeyondTrust Corporation BeyondInsight6.10 - RADIUS with AM Configuration - RSA Ready SecurID Access Implementation Guide

Attachments

    Outcomes