Solved: Re: Multiple RSA Instances?

bilclay · ‎05-01-2017

ISE Teams,

Having trouble verifying if a single ISE instance can support multiple separate RSA SecureID instances simultaneously. Can someone please confirm or deny this capability?

Much Appreciated

Charlie Moreton · ‎05-01-2017

"Cisco ISE supports only one RSA realm."

Found here:

http://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin_guide_22_chapter_01101.html#ID1516

View solution in original post

Charlie Moreton · ‎05-01-2017

"Cisco ISE supports only one RSA realm."

Found here:

http://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin_guide_22_chapter_01101.html#ID1516

paul · ‎05-01-2017

I have never tried this but what happens if you don't define the RSA servers as RSA servers in ISE and treat them as just external RADIUS servers like most other devices to.

Jason Kunst · ‎05-01-2017

Think would be fine but then you would lose token based login, it would be beasic RADIUS auth right?

paul · ‎05-01-2017

It should work with token auth. RSA functions as a RADIUS server. Think of a scenario where I only have RSA running and want to do toke auth for my VPN, switches/routers. They can point directly to RSA as a RADIUS server and do token authentication.

I just never have investigated what what you get by doing a true integration with RSA vs. treating it as external RADIUS. All other OTP solutions integrate with ISE as external RADIUS servers and work perfectly fine.

Yordan1 · ‎09-08-2023

hi Paul

how many RSA Identity Sources are supported in ise? I tried to insert the second one, but it is grayed out - pls check the screenshot