https://community.cisco.com/t5/network-access-control/router-login-with-rsa-token/m-p/489195#M427996 <HTML><HEAD></HEAD><BODY><P>You can set the router to authenticate with TACACS or with Radius and then set up the authentication server to use RSA server as the authentication processor (an external authentication to the TACACS or Radius server).</P><P></P><P>So the configuration of the router is pretty straightforward: </P><P>aaa authentication login default group tacacs+ line</P><P>aaa authentication enable default group tacacs+ enable</P><P></P><P>The more unusual part is the configuration of the TACACS server to send authentication requests to RSA.</P><P></P><P>HTH</P><P></P><P>Rick</P></BODY></HTML> Sun, 01 Jan 2006 05:29:26 GMT Richard Burts 2006-01-01T05:29:26Z https://community.cisco.com/t5/network-access-control/router-login-with-rsa-token/m-p/489194#M427995 <P>Is there any way to secure the logining process of a router using RSA token? </P><P>And how to do that.</P><P></P><P>Thank you!</P><P></P><P>Regards.</P> Sun, 10 Mar 2019 21:24:54 GMT https://community.cisco.com/t5/network-access-control/router-login-with-rsa-token/m-p/489194#M427995 lennonlyc 2019-03-10T21:24:54Z https://community.cisco.com/t5/network-access-control/router-login-with-rsa-token/m-p/489195#M427996 <HTML><HEAD></HEAD><BODY><P>You can set the router to authenticate with TACACS or with Radius and then set up the authentication server to use RSA server as the authentication processor (an external authentication to the TACACS or Radius server).</P><P></P><P>So the configuration of the router is pretty straightforward: </P><P>aaa authentication login default group tacacs+ line</P><P>aaa authentication enable default group tacacs+ enable</P><P></P><P>The more unusual part is the configuration of the TACACS server to send authentication requests to RSA.</P><P></P><P>HTH</P><P></P><P>Rick</P></BODY></HTML> Sun, 01 Jan 2006 05:29:26 GMT https://community.cisco.com/t5/network-access-control/router-login-with-rsa-token/m-p/489195#M427996 Richard Burts 2006-01-01T05:29:26Z https://community.cisco.com/t5/network-access-control/router-login-with-rsa-token/m-p/489196#M427998 <HTML><HEAD></HEAD><BODY><P>Really thanks for you help?</P><P></P><P>And could you figure me out that there is any static pwd and username with the code generated by token or just the username and code generated by token.</P><P></P><P>Example:</P><P></P><P>username:test</P><P>pwd:***</P><P>token key:1234</P><P></P><P>or just</P><P></P><P>username:test</P><P>token key:1234</P><P></P><P>thank you again.</P><P></P><P></P><P></P><P></P><P></P><P></P><P></P></BODY></HTML> Wed, 04 Jan 2006 08:57:57 GMT https://community.cisco.com/t5/network-access-control/router-login-with-rsa-token/m-p/489196#M427998 lennonlyc 2006-01-04T08:57:57Z https://community.cisco.com/t5/network-access-control/router-login-with-rsa-token/m-p/489197#M427999 <HTML><HEAD></HEAD><BODY><P>If the router is authenticating with RSA token there is only the name and the token key, there is no static password.</P><P></P><P>If you wanted you could configure on the router a local username and password and then use that as a backup authentication method if the TACACS was not communicating. The configuration for that might look something like this:</P><P>user test password test_pass</P><P>aaa authentication login default group tacacs+ local</P><P>aaa authentication enable default group tacacs+ enable</P><P></P><P>HTH</P><P></P><P>Rick</P></BODY></HTML> Wed, 04 Jan 2006 14:46:36 GMT https://community.cisco.com/t5/network-access-control/router-login-with-rsa-token/m-p/489197#M427999 Richard Burts 2006-01-04T14:46:36Z