Hi,
RE: If you created an associated RSA agent for this RADIUS client, you must configure the agent
you don't actually need to configure anything on the agent page, simply save the page.
---
More about this and: a radius client alone, and a radius client with 'associated agent'
1) a radius client entry by itself, can allow radius clients to work, but you also need to edit an .ini file to make 'solo radius clients' work like that....(securid.ini file CheckUserAllowedByClient = 1 or 0)
2) set to zero, the system will ignore the fact you do not have a matching RSA agent entry for the radius client entry
3) however, CheckUserAllowedByClient = 1 is the default, and will not allow a radius client alone to allow access...as it is suggested to always create the corresponding RSA agent entry for any radius client entry.
A matching agent will allow you to do more advanced operations such as set Radius Profiles, or restrict access by user groups, or other operations you can choose on an RSA agent entry, which are not on the radius client page. CheckUserAllowedByClient=1 essentially means 'filter this login attempt through matching RSA agent page settings before allowing access-accept'
4) there is no disadvantage to simply always choose 'Save and create associated RSA agent'.
You do not need to do anything on the agent page, you can just save it.
But later, if you decide you want more control, the agent page is already there and you can make changes if needed.
