This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Integrations

Cisco ISE 3.2 – Authentication Agent Configuration - RSA Ready Implementation guide

This section contains instructions on how to integrate RSA Authentication Manager with Cisco ISE as an authentication agent.

Procedure

  1. Sign into RSA Security Console and go to Access > Authentication Agents > Generate Configuration File > Download Now.
    AjithkumarSID_0-1680150759466.png
  2. Sign into Cisco ISE Admin GUI and go to Administration > External Identity Source > RSA SecurID and click Add.
  3. Click to Import sdconf.rec file, mark the Reauthenticate on Change PIN checkbox and click Submit.
    AjithkumarSID_1-1680150831199.png

    Note:

    • If you click on Reauthenticate on Change PIN, the authentication will fail when you change the PIN. However, the PIN is successfully changed. You just need to initiate another flow and it will work. (This is a bug from Cisco ISE side)
    • If integrating with Guest Access Portal, you need to add it to the Identity Source Sequence.
  4. Go to Administration > Identity Management > Identity Source Sequences and click Add or Edit an Identity Source Sequence. In the Authentication Search List add the created RSA SecurID in Step 2.
    AjithkumarSID_2-1680150878973.png
  5. Click on Save.

This section shows how to load, remove, or update: (sdopts.rec, sdstatus.12 and Node Secret file). If it was not previously documented under the Partner Authentication Agent Configuration section. It also lists any technologies or terms specific to the Partner product that may not be viewed as common knowledge. If a testing utility has been added to the product for RSA SecurID authentications, then add a note on how to use it.

Node Secret: (C and Java Agents only)

To reset the node secret:

  1. Go to Administration > Identity Management > External Identity Sources > RSA SecurID.
  2. Edit the RSA SecurID Identity Source, and open the RSA Instance Files tab.
  3. Set the Reset securid File drop-down menu to Remove on Submit, and click Save.
  4. Click Save to save your changes.

sdconf.rec: (C and Java Agents only)

To add or update the sdopts.rec file:

  1. Go to Administration > Identity Management > External Identity Sources > RSA SecurID.
  2. Go to the sdconf.rec file and click Save.
  3. Reboot the ISE appliance.

sdopts.rec: (C and Java Agents only)

To add or update the sdopts.rec file:

  1. Go to Administration > Identity Management > External Identity Sources > RSA SecurID.
  2. Edit the RSA SecurID Identity Source, and open the RSA Instance Files tab.
  3. Click the Update Options file link.
  4. Go to the sdopts.rec file and click OK.
  5. Click Save to save your changes.
  6. Reboot the ISE appliance.

sdstatus.12: (C and Java Agents only)

To reset the sdstatus12:

  1. Go to Administration > Identity Management > External Identity Sources > RSA SecurID.
  2. Edit the RSA SecurID Identity Source, and open the RSA Instance Files tab.
  3. Set the Reset sdstatus.12 File drop-down menu to Remove on Submit and click Save.
  4. Click Save to save your changes.

Next Step: Proceed to the Use Case Configuration section for information on how to apply the Authentication Agent configuration to your use case.

Labels (1)
Labels:
0 Likes
Was this article helpful? Yes No
No ratings
Version history
Last update:
‎2023-03-30 10:14 AM
Updated by:
New Contributor New Contributor
Contributors

Related Content

Article Dashboard
© 2023 RSA Security LLC or its affiliates. All rights reserved.