Configure Network Settings Using the Identity Router Setup Console

Document created by RSA Information Design and Development on Jul 13, 2016Last modified by RSA Information Design and Development on Nov 16, 2018
Version 31Show Document
  • View in full screen mode
  

Using the Identity Router Setup Console, you can verify the current network settings and configure additional settings to allow the identity router to communicate with the Cloud Administration Console and the Cloud Authentication Service. These settings are unique to each identity router.

 

Before you begin

 

Procedure 

 
  1. Open a web browser and do one of the following:
    • For Amazon cloud-based identity routers, go to https://<identityrouterIP>:9786/setup.jsp, where <identityrouterIP> is the private IP address of the identity router.
    • For VMware and Hyper-V identity routers, go to https://<identityrouterIP>/setup.jsp, where <identityrouterIP> is the IP address of the identity router management interface.

      See your Quick Setup Guide for the identity router IP address.
  2. Sign into the Identity Router Setup Console. If this is your first time signing into the setup console for this identity router, see Change the Identity Router Administrator Password Using the Identity Router Setup Console.
  3.  (Optional) To verify the management interface network settings for on-premises identity routers, do the following. See your Quick Setup Guide for the management interface values for this identity router.

    Note:  Management interface settings are not available for identity routers in the Amazon cloud.

    1. In the Management IP Address field, verify the IP address of the identity router management interface. The identity router communicates with DNS servers, identity sources, authentication sources, and RADIUS clients using this address.
    2. In the Management Netmask field, verify the subnet mask for this network.
    3. In the Management Gateway IP Address field, verify the default gateway (router) for this subnet.
  4. (Optional) To verify the proxy interface settings for on-premises identity routers, do the following. See your Quick Setup Guide for the proxy interface values for this identity router.

    Note:  Proxy interface settings are not available for identity routers in the Amazon cloud.

    1. In the Proxy IP Address field, verify the IP address of the identity router proxy interface. The identity router communicates with users, web applications, and the Cloud Authentication Service, and hosts the application portal using this address. The proxy IP address can be on the same subnet or a different subnet than the management IP.
    2. In the Proxy Net Mask field, verify the subnet mask for this network.
    3. In the Proxy Gateway IP Address field, verify the gateway IP address for this subnet.
  5. (Optional) Configure additional Domain Name System (DNS) servers if specified in the DNS Server information of your Quick Setup Guide.

    Note:  The DNS server settings on this page do not apply for identity routers in the Amazon cloud. Edit the DHCP option set in your AWS environment if you need to add DNS servers for an Amazon cloud-based identity router.

    For each additional DNS server specified, click Add DNS Record and do one of the following.

    To add another DNS server to use for all requests (for redundancy):
    1. Leave the Domain field blank.
    2. In the IP field, enter the IP address of the DNS server for the identity router.
    To add a DNS server to resolve hostnames within a specific domain:
    1. In the Domain field, enter the name of the domain for which this DNS server will resolve hostnames.
    2. In the IP field, enter the IP address of the DNS server for the identity router.
  6. In the NTP Server field, enter the Network Time Protocol (NTP) server hostname or IP address from your Quick Setup Guide. For identity routers in the Amazon cloud, the default is 169.254.169.123. For on-premises identity routers, the default is 0.pool.ntp.org.
  7.  (Optional) To configure static routes for the identity router to use when accessing specific network resources, click Add Static Route and do the following.

    Note:  Static route configuration is not available for identity routers in the Amazon cloud. Configure route tables in your AWS environment to direct traffic from internal and external network resources through the appropriate gateway in your VPC.

    1. In the IP field, enter the IP address of the network resource that requires a static route.
    2. In the Network Mask field, enter the subnet mask for the static route.
    3. In the Gateway field, enter the gateway address for the static route.
    4. From the Device drop-down list, select eth0 to designate the static route for connections using the management interface, or select eth1 to designate it for the proxy interface.
  8. (Optional) In the Identity Router HostName field, enter the Identity Router FQDN value for this identity router from your Quick Setup Guide. For on-premises identity routers, use the proxy interface FQDN.
    The hostname must be within the protected domain for your network environment, and must be configured in your DNS server to point to the identity router IP address.

    If you do not enter a hostname, the Identity Router Setup Console automatically populates this field with the appropriate value when you connect the identity router to the Cloud Administration Console.

    Note:  If you change the Identity Router HostName, and you have configured a connection to RSA Authentication Manager, you must reestablish the connection between the Cloud Authentication Service and RSA Authentication Manager.

  9. Click Update IDR Setup Configuration.

 

 

You are here
Table of Contents > Identity Routers > Installing and Configuring Identity Routers > Configure Network Settings Using the Identity Router Setup Console

Attachments

    Outcomes