Configure an IPv4/IPv6 Agent

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Feb 12, 2018
Version 3Show Document
  • View in full screen mode

Configuring the IPv4/IPv6 agent is the second part of the two-step process to register the agent.

Before you begin 


  1. In the Security Console, click Setup > System Settings.

  2. Under Authentication Settings, click Agents.

  3. On the Agents page, click the link to configure IPv6 agents.

    The IPv4/ IPv6 Agents page is displayed.

  4. In the Authentication Servers section, do the following:

    1. Select All Instances to allow the IPv4/IPv6 agent to communicate with any primary or replica instance in the current deployment. The agent can select any instance for authentication requests, and any NIC configured for the selected instance.

    2. Select Specified Server Names or Addresses to choose the fully qualified hostnames or IP addresses of specific instances, or a DNS name that resolves to a list of instances.

      In the Hostname or IP Addresses field, you can add or remove entries from the list of fully qualified hostnames and IP addresses. RSA strongly recommends entering more than one instance. Multiple instances provide redundancy and support failover authentication.

  5. In the Authentication Service Port field, enter a port number between 1025 and 49151. The default port number is 5500.

    Note:  If you change the port number, the agent cannot retrieve configuration data, until after a new configuration file, sdconf.rec, is updated on the agent. Configure your routers and firewalls to pass TCP traffic on the port.

  6. In the Connection Timeout field, specify how long the agent waits while attempting to establish a connection to the server. The default value is 60 seconds.

  7. In the Read Timeout field, specify how long the agent waits while attempting to retrieve data from a previously established connection. The default value is 60 seconds.

  8. (Optional) In the Import Certificate of the New Primary Server field, click Browse to locate and import a new root certificate.

    Note:  You are required to import a new root certificate if you are moving agents to a new deploymentor authenticating to a new instance that you specified in step 4.

  9. Click Update.