Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
759
Views
0
Helpful
1
Replies

ISE Not Authenticating Against RSA SecurID

Brad User
Level 1
Level 1

‎06-14-2014 09:22 AM - edited ‎03-10-2019 09:47 PM

In the process of integrating ISE 1.2 into our environment with the eventual intent to replace ACS 5.x and having a challenge adding an RSA SecurID server as an external identity source.

In ACS, we would create an internal user but configure the password to be handled externally and uses PAP or whatever to communicate with RSA.

I don't see this option in ISE, only to use the RSA SecurID as a direct Identity Source, the problem is that if I try to authenticate to ISE using a device such as an iPhone, which is using MS-CHAPv2 by default, it produces an error in the authentication logs that the device is using a protocol not supported by the identity source.

So what is the proper way to configure ISE to allow users to authenticate with a one-time-password against RSA SecurID?

 

Labels:
0 Helpful
1 Reply 1

Venkatesh Attuluri
Cisco Employee
Cisco Employee

‎06-18-2014 05:28 AM

check the following link for Integrating Cisco ISE with RSA SecurID Server

http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_id_stores.html#wp1080334

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents