Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
371
Views
0
Helpful
1
Replies

ACS integration with two different external RSA database

dominic.colson
Level 1
Level 1

‎08-03-2009 02:06 AM - edited ‎03-10-2019 04:37 PM

Hi All,

I need a help in the following scenario:

we have ACS server in place and also a RSA server integrated with it to be used as Token authentication. Now we are planning a new RAS box which should also get integrated with the current ACS box. Can anybody has a clue or a datasheet which says that a single ACS box can support two external RSA database.

Labels:
0 Helpful
1 Reply 1

darpotter
Level 5
Level 5

‎08-05-2009 01:45 AM

Dominic

There's a few issues here.

1) Not sure if the native RSA external authenticator supports multiple instances - you've have to try it in ACS. Even then does the sd_conf config file tie you to a single RSA server?

2) Optionally if you have the RSA radius servers running you could create 2 external radius authenticators in ACS and do it that way.

3) You'd need to manually assign ACS users to one or other RSA instance. Because of how long an RSA authentication can take (possibly with multiple challenge/responses - think new pin) ACS would find it hard to do "unknown user authentication" if it had to back out of one authentication before trying another.

No to mention how long the client might wait for this to complete.

Its a suck and see situation. It might work, or it might not. Good luck!

0 Helpful
Customers Also Viewed These Support Documents