Rsa securid token servers – Cisco 3.3 User Manual
Page 568
Chapter 13 User Databases
Token Server User Databases
13-84
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Note
You should only use the From Token Server (async tokens only)
option if all tokens submitted to this token server are asynchronous
tokens.
Step 9
Click Submit.
Cisco Secure ACS saves the RADIUS token server database configuration you
created. You can add it to your Unknown User Policy or assign specific user
accounts to use this database for authentication. For more information about the
Unknown User Policy, see
About Unknown User Authentication, page 15-4
more information about configuring user accounts to authenticate using this
database, see
RSA SecurID Token Servers
Cisco Secure ACS supports ASCII, PAP, and PEAP(EAP-GTC) authentication for
RSA SecurID token servers. Other authentication protocols are not supported
with RSA SecurID external user databases.
Note
Authentication protocols not supported with RSA SecurID databases may be
supported by another type of external user database. For more information about
authentication protocols and the external database types that support them, see
Authentication Protocol-Database Compatibility, page 1-10
Cisco Secure ACS supports mapping users authenticated by a RSA token server
to a single group. For more information, see
Group Mapping by External User
Cisco Secure ACS supports PPP (ISDN and async) and Telnet for RSA SecurID
token servers. It does so by acting as a token-card client to the RSA SecurID token
server. This requires that RSA token-card client software must be installed on the
computer running Cisco Secure ACS. The following procedure includes steps
required to install the RSA client correctly on the computer running Cisco Secure
ACS.