Configure Network Settings Using the Identity Router Setup Console

Document created by RSA Information Design and Development on Jul 13, 2016Last modified by RSA Information Design and Development on Oct 20, 2017
Version 21Show Document
  • View in full screen mode
  

Using the Identity Router Setup Console, you can verify the current network settings and configure additional settings to allow the identity router to communicate with the Cloud Administration Console and the Cloud Authentication Service. These settings are unique to each identity router.

 

Before you begin

 

Procedure 

 
  1. Open a web browser and go to https://<managementIP>/setup.jsp, where <managementIP> is the IP address of the identity router management interface.

    Refer to the RSA SecurID Access Solution Architecture Workbook for the management interface IP address.
  2. Sign into the Identity Router Setup Console. If this is your first time signing into the setup console for this identity router, see Change the Identity Router Administrator Password Using the Identity Router Setup Console.
  3.  (Optional) To verify the management interface network settings, do the following. Refer to the RSA SecurID Access Solution Architecture Workbook for the management interface values for this identity router.
    1. In the Management IP Address field, verify the IP address of the identity router management interface. The identity router communicates with the Cloud Authentication Service , identity sources, and DNS servers using this address.
    2. In the Management Netmask field, verify the subnet mask for this network.
    3. In the Management Gateway IP Address field, verify the default gateway (router) for this subnet.
  4. (Optional) To verify the proxy interface settings, do the following. Refer to the RSA SecurID Access Solution Architecture Workbook for the proxy interface values for this identity router.  
    1. In the Proxy IP Address field, verify the IP address of the identity router proxy interface. The identity router communicates with users and web applications, and hosts the application portal using this address. The proxy IP address can be on the same subnet or a different subnet than the management IP.
    2. In the Proxy Net Mask field, verify the subnet mask for this network.
    3. In the Proxy Gateway IP Address field, verify the gateway IP address for this subnet.
  5. (Optional) Configure additional Domain Name System (DNS) servers if specified in the DNS Server section of the RSA SecurID Access Solution Architecture Workbook. For each additional DNS server specified in the workbook, click Add DNS Record and do one of the following.
    To add another DNS server to use for all requests (for redundancy):
    1. Leave the Domain field blank.
    2. In the IP field, enter the IP address of the DNS server for the identity router.
    To add a DNS server to resolve hostnames within a specific domain:
    1. In the Domain field, enter the name of the domain for which this DNS server will resolve hostnames.
    2. In the IP field, enter the IP address of the DNS server for the identity router.
  6. In the NTP Server field, enter the Network Time Protocol (NTP) server hostname or IP address from the RSA SecurID Access Solution Architecture Workbook. The default is 0.pool.ntp.org.
  7.  (Optional) To configure static routes for the identity router to use when accessing specific network resources, click Add Static Route and do the following:
    1. In the IP field, enter the IP address of the network resource that requires a static route.
    2. In the Network Mask field, enter the subnet mask for the static route.
    3. In the Gateway field, enter the gateway address for the static route.
    4. From the Device drop-down list, select eth0 to designate the static route for connections using the management interface, or select eth1 to designate it for the proxy interface.
  8. (Optional) In the Identity Router HostName field, enter the Identity Router Proxy Interface FQDN value for this identity router from the RSA SecurID Access Solution Architecture Workbook.
    The hostname must be within the protected domain for your network environment, and must be configured in your DNS server to point to the identity router proxy IP address.

    If you do not enter a hostname, the Identity Router Setup Console automatically populates this field with the appropriate value when you connect the identity router to the Cloud Administration Console.

    Note:  If you change the Identity Router HostName, and you have configured a connection to RSA Authentication Manager, you must reestablish the connection between the Cloud Authentication Service and RSA Authentication Manager.

  9. Click Update IDR Setup Configuration.

 

 

You are here
Table of Contents > Identity Routers > Configure Network Settings Using the Identity Router Setup Console

Attachments

    Outcomes