This section describes how to integrate BeyondTrust Corporation BeyondInsight with RSA Authentication Manager using RADIUS.
Architecture Diagram
Configure RSA Authentication Manager
To configure your RSA Authentication Manager for use with a RADIUS Agent, you must configure a RADIUS client and a corresponding agent host record in the Authentication Manager Security Console.
The relationship of agent host record to RADIUS client in the Authentication Manager can 1 to 1, 1 to many or 1 to all (global).
RSA Authentication Manager listens on ports UDP 1645 and UDP 1812.
Configure BeyondTrust Corporation BeyondInsight
Perform these steps to configure BeyondTrust Corporation BeyondInsight as a RADIUS client to RSA Authentication Manager.
Procedure
- Login to BeyondTrust BeyondInsight and browse to Configuration > Radius two factor authentication
- Click on Create RADIUS Alias.
- Add RADIUS server details.
- Filter - Select "All Users" if all the mapped AD users are needed for RADIUS authentication.
- Host - Enter IP Address of RSA Authentication Manager server.
- Authentication Mechanism - Select as PAP
- Authentication Port - Set to 1812 or 1645
- Authentication Request Timeout - Recommended 45 Seconds
- Shared Secret - Enter the RADIUS shared secret. It must match the secret as entered in the RSA RADIUS server.
- Click Save Changes
Next Step: Proceed to the Use Case Configuration Summary section for information on how to apply the RADIUS configuration to your use case.
