Re: [fw-wiz] Cisco ASA 8.0(3) with RSA SecurID
- From: "Pedro Henrique Morsch Mazzoni" <phmazzoni@xxxxxxxxx>
- Date: Wed, 26 Nov 2008 15:15:09 -0200
Maybe you could try Cisco ACS to centralize your AAA. It´s not that good but
it has no substitute to all features it delivers.
Cisco ACS will pass authentication requestes to RSA and will deal with
authorization and accounting.
Regards,
Pedro Mazzoni
2008/11/26 Todd Simons <tsimons@xxxxxxxxxxxxxxx>
We ended up configuring RSA/SDI for Authentication, and our_______________________________________________
ActiveDirectory via LDAP for authorization
-----Original Message-----
From: firewall-wizards-bounces@xxxxxxxxxxxxxxxxxxxxx
[mailto:firewall-wizards-bounces@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of
James Michael Keller
Sent: Tuesday, November 25, 2008 2:47 PM
To: Firewall Wizards Security Mailing List
Subject: Re: [fw-wiz] Cisco ASA 8.0(3) with RSA SecurID
Craig Van Tassle wrote:
On Mon, 15 Sep 2008 13:59:47 -0400existing
"Todd Simons" <tsimons@xxxxxxxxxxxxxxx> wrote:
Hello All
We're starting to evaluate the ASA 5500 series to replace our
Responding to old thread, but didn't see any follow up ....firewalls. On our current firewalls we use RSA tokens for
Authentication and WindowsAD for group Authorization. Is this
possible with the ASA?
~Todd
## Scanned by Delphi Technology, Inc. ##
I'm not totally sure about the RSA. I believe that is can be done. As
for the AD integration that is easily done. You just have to configure
the ASA to use LDAP which is not hard at all.
SDI is the RSA SecurID protocol. We ended up enabling the Radius
server on the RSA ACE servers and are using radius instead, the
intention was to be able to export group information to use in dynamic
ACLs, but the version of ACE we where on could not support that. SDI
native doesn't have a group token.
Then we changed the default template to refer to Passcodes instead of
Passwords. in the login dialogs.
--
James Michael Keller
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
## Scanned by Delphi Technology, Inc. ##
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
- References:
- Re: [fw-wiz] Cisco ASA 8.0(3) with RSA SecurID
- From: James Michael Keller
- Re: [fw-wiz] Cisco ASA 8.0(3) with RSA SecurID
- From: Todd Simons
- Re: [fw-wiz] Cisco ASA 8.0(3) with RSA SecurID
- Prev by Date: Re: [fw-wiz] Windows dynamic ARP
- Next by Date: Re: [fw-wiz] asa 5520
- Previous by thread: Re: [fw-wiz] Cisco ASA 8.0(3) with RSA SecurID
- Index(es):
Relevant Pages
|
