beautypg.com

Rsa securid token servers – Cisco 3.3 User Manual

Page 568

background image

Chapter 13 User Databases

Token Server User Databases

13-84

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Note

You should only use the From Token Server (async tokens only)
option if all tokens submitted to this token server are asynchronous
tokens.

Step 9

Click Submit.

Cisco Secure ACS saves the RADIUS token server database configuration you
created. You can add it to your Unknown User Policy or assign specific user
accounts to use this database for authentication. For more information about the
Unknown User Policy, see

About Unknown User Authentication, page 15-4

. For

more information about configuring user accounts to authenticate using this
database, see

Chapter 7, “User Management”

.

RSA SecurID Token Servers

Cisco Secure ACS supports ASCII, PAP, and PEAP(EAP-GTC) authentication for
RSA SecurID token servers. Other authentication protocols are not supported
with RSA SecurID external user databases.

Note

Authentication protocols not supported with RSA SecurID databases may be
supported by another type of external user database. For more information about
authentication protocols and the external database types that support them, see

Authentication Protocol-Database Compatibility, page 1-10

.

Cisco Secure ACS supports mapping users authenticated by a RSA token server
to a single group. For more information, see

Group Mapping by External User

Database, page 16-2

.

Cisco Secure ACS supports PPP (ISDN and async) and Telnet for RSA SecurID
token servers. It does so by acting as a token-card client to the RSA SecurID token
server. This requires that RSA token-card client software must be installed on the
computer running Cisco Secure ACS. The following procedure includes steps
required to install the RSA client correctly on the computer running Cisco Secure
ACS.