ā04-20-2011 03:23 PM - edited ā03-10-2019 06:00 PM
Dear all,
I am replacing our old Pix 515 for a new ASA 5520.
On the Pix (running ios 6.x) we configured the pix to use a RSA SecurID appliance as an AAA server to authenticate remote VPN clients. In order to do this we configure an AAA group that use the protocol radius. Now for the ASA I found some documentation that indicates that I must create an AAA group that uses the protocol SDI .
Now my questions are
1) can I still use the protocol radius on the ASA to authenticate with RSA SecureID or do I have to use SDI?
2) If I have to use SDI does this mean that I will also have to change the configuration on my RSA that I was using for authenticating users from the PIX?
Regards,
Screech
Solved! Go to Solution.
ā04-20-2011 06:51 PM
hi screech
1) You can still use RADIUS.
2) Yes, you would need to allow auth requests to come from ASA
Roman
ā04-21-2011 06:39 AM
Hi,
The SDI and Radius are two flavours supported by RSA.
Using SDI or Radius is entirely your choice.
Hope this helps.
Regards,
Anisha
P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.
ā04-20-2011 06:51 PM
hi screech
1) You can still use RADIUS.
2) Yes, you would need to allow auth requests to come from ASA
Roman
ā04-20-2011 07:34 PM
Roman,
Thanks for your reply.
What is the differnce between SDI and Radius and which one is recommended.
Regards,
Screech
ā04-21-2011 06:39 AM
Hi,
The SDI and Radius are two flavours supported by RSA.
Using SDI or Radius is entirely your choice.
Hope this helps.
Regards,
Anisha
P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide