Customize the RSA SecurID Access Web Interface for a Cisco Adaptive Security Appliance
RSA provides a customized web client interface for clientless SSL VPN authentication on some types of RADIUS client devices.
You can provide a more streamlined experience for users who authenticate to the Cloud Authentication Service through RADIUS-enabled devices by updating your Cisco Adaptive Security Appliance (ASA) with the latest customization files.
Before you begin
If you deployed the Cloud Authentication Service before October 2019 and you want users who access the customized web client to be able to use Emergency Tokencode, you must perform this procedure before you enable Emergency Tokencode for users. If possible, perform this customization before you update the identity router.
Download the RSASecurIDAccessCiscoWebClient-1.1.0.zip file.
In the Cloud Administration Console, click Authentication Clients > RADIUS.
Select the RADIUS client you want to customize.
On the RADIUS Client page, open Advanced Configuration.
Under Web Client, click Custom, then Download Custom Web Client.
Extract the contents of the zip file to a location accessible by the Cisco ASA Adaptive Security Device Manager (ASDM).
Sign in to the Cisco ASDM-IDM Launcher. Specify the IP address or hostname of the Cisco device you are customizing. A dashboard similar to the following appears:
In the toolbar, click Configuration.
In the navigation panel, select Remote Access VPN.
In the next navigation panel, click Clientless SSL VPN Access > Portal > Web Contents.
A screen similar to the following appears:
You might see different files depending on what is in your directory folder.
If your web client contains customization files from a previous RSA SecurID Access release, you must delete each file one by one. Select a file, click Delete, then click Apply.
After you have deleted all files related to the previous customization, import the new files.
In the Import Web Content dialog box, select Local Computer and browse to the directory containing the extracted files. Select a file to import.
Select No. For example, use this option to make the content available to logon or portal page, as shown.
Click Import Now. When you see the success message, click OK.
Repeat the import steps for each new customization file.
Note: Do not rename any files you import.
You need to apply the customization to a profile or group policies so you can use the customization in your environment. You can use your preferred method to apply this customization, or perform these steps.
In the navigation panel, click Customization.
Double-click a profile in the Customization Objects window.
In the navigation panel, click Logon Page. The Edit Customization Object dialog box appears.
Select Replace pre-defined logon page with a custom page (full customization).
Select the step_up.inc file as the custom user sign-in page.
After the customization is complete, your users will see a customized interface similar to this example: