This section describes how to integrate Forescout with RSA Cloud Authentication Service using RADIUS.

Architecture Diagram

Configure RSA Cloud Authentication Service

To configure RADIUS for Cloud Authentication Service for use with a RADIUS client, you must first configure a RADIUS client in the RSA SecurID Access Console.

Sin into the RSA Cloud Administrative Console and browse to Authentication Clients > RADIUS > Add RADIUS Client and enter the Name, IP Address and Shared Secret.

Click Publish.

Configure Forescout

Perform these steps to configure Forescout Forescout as a RADIUS client to RSA Cloud Authentication Service.

Procedure

Sign in to Forescout admin console and click Options> Tools > VPN and click Add.

2. Add the Cisco ASA device information and click Next.

3. Configure the access credentials for the Cisco ASA and click Next.

4. Configure the RSA Authentication Manager RADIUS settings and click Finish.

1. Local RADIUS Port: This should match the RADIUS port as configured on Cisco ASA.
2. RADIUS Server Address: Enter the IP address of the RSA Identity Router.
3. RADIUS Server Port: Enter 1812.
4. RADIUS Shared Secret: Enter the RADIUS shared secret as specified in the RADIUS client in RSA Cloud Administration Console.

5. Click Options from the VPN pane, change RADIUS Server Timeout to 60 and click OK.

Configuration is complete

Return to the main page for more certification related information.