This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
MattBayliss
Beginner
Beginner
‎2016-11-14 10:35 AM

Alternate IP address for RSA AM 8.1.1

Jump to solution

We have an RSA AM 8.1.1 server with a LAN address and a NAT address.  The LAN IP address is configured in Access >> Authentication Agents >> Manage existing >> (Primary AM server).

 

I have added the NAT ip address in the Alternate IP Addresses field and generated new config files (Access >> Authentication Agents >> Generate Config Files).

 

I have installed RSA Authentication Agent 7.3.1 onto a Windows server and given it the sdconf.rec file I created earlier.  However, when I click on Control Center >> Server Environment only the Primary IP address is listed and the Alias field is blank.

 

How can I confirm that my sdconf.rec file contains the Alternate IP address field for the authentication manager server.

Labels (1)
Labels
0 Likes
Reply
1 Solution

Accepted Solutions
BrianTwomey
Employee
Employee
‎2016-11-14 11:21 AM

Jump to solution

Hi Matt,

 

 

You would want to configure the alternate iP address for the AM server in Secrity Console---Setup---System Settings--Alternative Instance IP Addresses (in the Advances Settings section):

 

pastedImage_1.png

View solution in original post

Reply
4 Replies
jeffshurtliff
Administrator Administrator
Administrator
‎2016-11-14 11:06 AM

Jump to solution

Hi Matt,

 

I have moved this thread to the https://community.rsa.com/community/products/securid?sr=search&searchId=104df09a-f7ad-44db-8e6a-a29a9b01b990&searchIndex=0‌ community so that you can get an answer to your questions.

 

Thanks,
Jeff

0 Likes
Reply
BrianTwomey
Employee
Employee
‎2016-11-14 11:21 AM

Jump to solution

Hi Matt,

 

 

You would want to configure the alternate iP address for the AM server in Secrity Console---Setup---System Settings--Alternative Instance IP Addresses (in the Advances Settings section):

 

pastedImage_1.png

Reply
EdwardDavis
Employee
Employee
‎2016-11-14 12:37 PM

Jump to solution

Adding an alternate address to an agent does not change the sdconf.rec file. It only means the RSA server

will recognize traffic from [any alternate address listed] as belonging to that specific agent.

 

As Brian indicated, you can change a system setting to give an alternate address for the RSA server, for

the agent to send traffic to (in my example 2.3.4.5) and I would expect a device at 2.3.4.5 to forward

the authentication to the actual RSA server address 10.101.99.150 hidden behind 2.3.4.5

 

anyhow I made this change and put in a new sdconf.rec and immediately the alias pops up.

pastedImage_2.png

 

pastedImage_1.png

Reply
MattBayliss
Beginner
Beginner
‎2016-11-18 06:08 AM

Jump to solution

Thanks for the replies, seems I was adding the alternate IP address in the wrong place.

 

I have corrected this now and the alternate address does show correctly as Edwards second screenshot shows.  However my Agents still seem to be sending data to the primary IP address rather than the alternate.  I will open a separate thread for this.

0 Likes
Reply
© 2023 RSA Security LLC or its affiliates. All rights reserved.