Can anyone help with what is probably a simple question. I will be pointing an ASA to use an RSA server fro 2 factor login using SDI. THere will be a primary and a replica (for redundancy) RSA server. Normally if you where pointing a windows machine to RSA you copy the sdconf.rec which tells the windows box there are 2 RSA servers to use if one is not available. WHen conifuring ASA to use RSA via SDI you dont copy a sdconf.rec
I know when you first authenticate a nodesecret file is created on the ASA. my question is if you dont copy an sdconf.rec to tell the ASA there is a backup RSA server how do i tell the ASA there is a backup? Do i create 2 SDI servers in the asa config? Does the nodesecret which is automatically created tell the ASA there is a backup RSA server?
Thanks.