Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Authenticating using RSA SecurID

Hello,

I am trying to secure the access using RSA SecurID to the following 2 scenarios:

- SSH/telnet/console to any Cisco device (Router, Switch, Firewall)

- SSL VPN users

 

Is it possible to do this integration directly between the Cisco device and the RSA SecurID itself? Or it is required to have ACS in between? \

 

Thanks,

Justine.

 

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

With Router/switches/AP's

With Router/switches/AP's only radius and tacacs are supported so you can configure the IOS devices for radius protocol and server as radius token server.

http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scftplus.html#wp1001011

ASA does supports SDI protocol so you can integrate the RSA securID directly with it. 

SDI on ASA

http://www.cisco.com/c/en/us/support/docs/security-vpn/secureid-sdi/116304-technote-rsa-00.html#anc10

SDI with ACS

http://www.cisco.com/c/en/us/support/docs/security-vpn/secureid-sdi/116304-technote-rsa-00.html#anc9

You may want to read discussion on the similar requirement.

https://supportforums.cisco.com/discussion/11259716/rsa-securid

 

~BR

Jatin

** Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**
2 REPLIES
Cisco Employee

With Router/switches/AP's

With Router/switches/AP's only radius and tacacs are supported so you can configure the IOS devices for radius protocol and server as radius token server.

http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scftplus.html#wp1001011

ASA does supports SDI protocol so you can integrate the RSA securID directly with it. 

SDI on ASA

http://www.cisco.com/c/en/us/support/docs/security-vpn/secureid-sdi/116304-technote-rsa-00.html#anc10

SDI with ACS

http://www.cisco.com/c/en/us/support/docs/security-vpn/secureid-sdi/116304-technote-rsa-00.html#anc9

You may want to read discussion on the similar requirement.

https://supportforums.cisco.com/discussion/11259716/rsa-securid

 

~BR

Jatin

** Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**
Cisco Employee

Justine,Let me know if you've

Justine,

Let me know if you've any further questions on this matter.

 

Regards,

Jatin Katyal

**Do rate helpful posts**

~BR Jatin Katyal **Do rate helpful posts**
1643
Views
0
Helpful
2
Replies
CreatePlease login to create content