|Applies To||RSA Product Set: SecurID|
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.1
|Tasks||IF you need to add a large number of RADIUS clients to Authentication Manager,Instead of adding an agent to each RADIUS client, You can configure <ANY> RADIUS client and enter the same shared secret for each RADIUS client. When an ANY client sends a network request to its associated RADIUS server, the RADIUS server confirms the shared secret and forwards the request without any client information to Authentication Manager.|
|Resolution||First, You need to add <ANY> RADIUS client by following the below steps:|
1. Log into Security Console and navigate to Radius >>Radius Clients >>Add New.
2. Enable "Accept authentication requests from any RADIUS client using the shared secret specified for this client" box.
3. Enter the Shared Secret then Click Save.
After that, You need to Allow the system to authenticate users from clients without agents by following the below steps:
1. Log into the Operations Console and navigate to Deployment Configuration >>Radius Servers.
2. Click on the Server Name >>Manage Server Files.
3. Click on securid.ini file then Edit.
4. You must set the file parameter CheckUserAllowedByClient to 0. By default, this parameter is set to 1, which allows the system to authenticate users from clients with an assigned agent.
5. Click Save & Restart RADIUS Server.
Changes to RADIUS configuration files are not automatically replicated. You must manually edit the files of each RADIUS replica server in your deployment.