Using RSA with local AAA on cisco asa 5520

pskipton01 · ‎08-24-2012

Is it possable to use rsa token on the ASA without setting up any other server just using the ASA, out clients use the cisco vpn client version 5.0.07.0290 and IOS 8.3(1), How would this be done?

Tarik Admani · ‎08-24-2012

You may want to forward this to the vpn group as well. Just so I understand your question you are wanting to integrate the ASA with a token server or are you wanting the ASA to act as a standalone token server?

Thanks,

Tarik Admani
*Please rate helpful posts*

pskipton01 · ‎08-25-2012

Yes I want the ASA to act like a standalone token server? is this possible?

nkarthikeyan · ‎08-25-2012

Hi Perry,

I do not think so you can have the RSA Secure Id Auth setup locally with your ASA for the VPN users. RSA Secure id is possible only with the 2 options. i.e. AAA configs pointing to SDI or Radius servers which can have the communication with the RSA Secure ID Authentication Manager. You cannot have ASA to act as the RSA Auth Manager.

You can make your ASA to have the VPN users to auth locally in ASA but not as RSA.

RSA Secure id is possible for IPSec VPN, Web/SSL VPN & Firewall Authentication.

Please refer the below document for further information which has the complete information.

http://www.rsa.com/rsasecured/guides/imp_pdfs/Cisco_ASA_AuthMan61.pdf

Please do rate for all helpful posts.

By

Karthik