Hi RSA folks,
In the document000024531 - Which firewall ports need to be open for RSA SecurID 5.2-6.1 to work properly? , there are some helpful rules on what ports need to be opened between authentication agents and the RSA servers.
However, I didn't see any documentation about what ports need to be opened to allow the RSA Software token to connect to the RSA server.
I have exported the .CTF for my token and successfully transferred it to my Android device. However, when I click the link (beginning with 127.0.0.1), the Token App throws an error for 'Error communicating with server. Token import failed.'. There is no record of this communication on the server, so I expect this is a firewall/network issue.
How can I enable communication between my token software and my RSA server?
When using Android, any URL with 127.0.0.1 may mean CTF (and a live connection is never needed) or CTKIP (a live connection is needed). The 127.0.0.1 with CTF is telling the Android...do this action locally...so, if you are using CTF, there is never a need to network anywhere, the entire token and encryption scheme is contained in that rather long CTF URL with 127.0.0.1.
If there are issues with CTF, then it is an Android RSA software token app version token problem, or the version of Android and CTF format is incorrect, or something along those lines. Perhaps it is formatted incorrectly or a part of it is chopped off. The Android RSA Software Token app admin guide states the correct way to format a CTF URL.
Can you show us here the entire CTF URL (but mask the long encrypted series of numbers) ?
[keep the same number of characters, just change them up manually to invalidate the actual long code in there....]
Here is an actual token Android 1.0 CTF URL (this is a valid one for device type a01c4380-fc01-4df0-b113-7fb98ec74694)
http://127.0.0.1/securid/ctf?ctfData=200013225166546230222524415334322670514042340117474544245172163270570273072652053
Here is an Android 2.0 CTF URL (this is a real token, anyone can install this if the identifier a01c4380-fc01-4df0-b113-7fb98ec74694 matches)
http://127.0.0.1/securid/ctf?ctfData=200013225166526237115414626360141621646311744315714767165172163270174753072636237
Do any of mine install ?
The URL link must start with the following prefix text:
http://127.0.0.1/securid/ctf?ctfData