You need to configure your firewall to use SecurID to authenticate client VPN connections.
Symptoms Using SecurID Authentication with a Client VPN tunnel You need to configure your firewall to use SecurID to authenticate client VPN connections.
To configure your security gateway to use SecurID for authentication of Client VPN tunnels, you must perform the following tasks:
Configure the RSA SecurID authentication server record
Configure the authentication scheme
Apply SecurID Authentication to the VPN user group
To configure the RSA SecurID authentication server record
In the Security Gateway Management Interface (SGMI), in the left pane, under Assets, click Authentication Servers.
In the right pane, on the Authentication Server tab, click New > RSA SecurID.
In the RSA SecurID Properties dialog box, on the General tab, configure the following attributes: Name: Type a unique name for the authentication server. ACE Server Interface: Choose the security gateway network interface closest to the RSA SecurID server. sdConfData: Upload the sdconf.rec file from the RSA SecurID server.
To configure the authentication scheme
In the SGMI, in the left pane, under Assets, click Authentication Servers.
In the right pane, on the Schemes tab, click New.
In the Scheme Properties dialog box, in the Name text box, type a unique name for the authentication scheme.
In the list of authentication server records, next to the RSA SecurID record that you created, check Authentication. Do not check Group Information.
To apply SecurID Authentication to the VPN user group
In the SGMI, in the left pane, under Assets, click Users.
On the User Groups tab, double-click the user group which contains your VPN users.
In the user group properties, on the VPN Authentication tab, configure the following attributes: Authentication Scheme: Choose the authentication scheme you configured for SecurID authentication User Binding: No Binding Enforce Group Binding: Unchecked
In the SGMI, on the toolbar, click the Activate icon. When you are asked to save your changes, click Yes.
References RSA SecurID Ready Implementation Guide
Imported Document Id
This is machine translated content
Login to Subscribe
Please login to set up your subscription.
Didn't find the article you were looking for? Try these resources.