ACS integration with two different external RSA database
I need a help in the following scenario:
we have ACS server in place and also a RSA server integrated with it to be used as Token authentication. Now we are planning a new RAS box which should also get integrated with the current ACS box. Can anybody has a clue or a datasheet which says that a single ACS box can support two external RSA database.
Re: ACS integration with two different external RSA database
There's a few issues here.
1) Not sure if the native RSA external authenticator supports multiple instances - you've have to try it in ACS. Even then does the sd_conf config file tie you to a single RSA server?
2) Optionally if you have the RSA radius servers running you could create 2 external radius authenticators in ACS and do it that way.
3) You'd need to manually assign ACS users to one or other RSA instance. Because of how long an RSA authentication can take (possibly with multiple challenge/responses - think new pin) ACS would find it hard to do "unknown user authentication" if it had to back out of one authentication before trying another.
No to mention how long the client might wait for this to complete.
Its a suck and see situation. It might work, or it might not. Good luck!
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :