Cisco ISE 3.4 - Authentication Agent Configuration - RSA Ready Implementation Guide
10 months ago
Originally Published: 2018-12-03

This section contains instructions on how to integrate RSA Authentication Manager with Cisco ISE as an authentication agent.

Procedure

  1. Sign into RSA Security Console and go to Access > Authentication Agents > Add New.
  2. On the Add New Authentication Agent form, provide the following details and click Save.
    1. Hostname: Hostname of your ISE server.
    2. IP Address: IP Address of the ISE server.
  3. Go to Access > Authentication Agents > Generate Configuration File > Download Now. Unzip the file to extract the sdconf.rec file.
  4. Sign in to Cisco ISE Admin GUI, navigate to Administration > External Identity Source > RSA SecurID, and click Add.
  5. Click Choose File to import the sdconf.rec file.
  6. Go to the Authentication Control tab and select the Enable passcode caching and Enable identity caching checkboxes.
  7. Click Submit.

This section shows how to load, remove, or update the sdopts.rec, sdstatus.12, and Node Secret files. It also lists any technologies or terms specific to the Partner product that may not be viewed as common knowledge. 

Node Secret: (C and Java Agents only)

To reset the node secret:

  1. Go to Administration > Identity Management > External Identity Sources > RSA SecurID.
  2. Edit the RSA SecurID Identity Source, and open the RSA Instance Files tab.
  3. Set the Reset securid File drop-down menu to Remove on Submit, and click Save.
  4. Click Save to save your changes.

sdconf.rec: (C and Java Agents only)

To add or update the sdconf.rec file:

  1. Go to Administration > Identity Management > External Identity Sources > RSA SecurID.
  2. Go to the sdconf.rec file and click Save.
  3. Reboot the ISE appliance.

sdopts.rec: (C and Java Agents only)

To add or update the sdopts.rec file:

  1. Go to Administration > Identity Management > External Identity Sources > RSA SecurID.
  2. Edit the RSA SecurID Identity Source, and open the RSA Instance Files tab.
  3. Click the Update Options file link.
  4. Go to the sdopts.rec file and click OK.
  5. Click Save to save your changes.
  6. Reboot the ISE appliance.

sdstatus.12: (C and Java Agents only)

To reset the sdstatus12:

  1. Go to Administration > Identity Management > External Identity Sources > RSA SecurID.
  2. Edit the RSA SecurID Identity Source, and open the RSA Instance Files tab.
  3. Set the Reset sdstatus.12 File drop-down menu to Remove on Submit and click Save.
  4. Click Save to save your changes.

Next Step: Proceed to the Use Case Configuration section for information on how to apply the Authentication Agent configuration to your use case.

      

Certification Details

RSA Authentication Manager 
Cisco Identity Service Engine 3.4 Patch 1

 

Related Articles

Trending Articles

Don't see what you're looking for?