Router login with RSA token

lennonlyc · ‎12-29-2005

Is there any way to secure the logining process of a router using RSA token?

And how to do that.

Thank you!

Regards.

Richard Burts · ‎12-31-2005

You can set the router to authenticate with TACACS or with Radius and then set up the authentication server to use RSA server as the authentication processor (an external authentication to the TACACS or Radius server).

So the configuration of the router is pretty straightforward:

aaa authentication login default group tacacs+ line

aaa authentication enable default group tacacs+ enable

The more unusual part is the configuration of the TACACS server to send authentication requests to RSA.

HTH

Rick

HTH

Rick

lennonlyc · ‎01-04-2006

Really thanks for you help?

And could you figure me out that there is any static pwd and username with the code generated by token or just the username and code generated by token.

Example:

username:test

pwd:***

token key:1234

or just

username:test

token key:1234

thank you again.

Richard Burts · ‎01-04-2006

If the router is authenticating with RSA token there is only the name and the token key, there is no static password.

If you wanted you could configure on the router a local username and password and then use that as a backup authentication method if the TACACS was not communicating. The configuration for that might look something like this:

user test password test_pass

aaa authentication login default group tacacs+ local

aaa authentication enable default group tacacs+ enable

HTH

Rick

HTH

Rick