ACE with SecureID 130 Appliance (Authentication Manager 7.1)
IÕm trying to setup a SA2500 with RSA SecureID 130 which running Authentication Manager 7.1. After generated the configuration file from AM and imported to the SA2500, it shown this nodeÓ under the Node Verification FileÓ section. Then we configured the user realm to use the ACE and tried to login the IVE but failed. And got the message There is no node verification fileÓ on SA2500.
Have any experts face this situation and anyone have experience on AM 7.1 integration?
Re: ACE with SecureID 130 Appliance (Authentication Manager 7.1)
We use AM 6.x. The following items are important to check:
1. When working with a new IVE box or when you have deleted the sdconf.rec file on the IVE, go to the agent host entry in your AM and delete the "node secret created" checkbox. The first authentication session ( must be succesful) will generate a new shared secret between SA and RSA AM
2. Make sure the type of agent host in AM is "Communication Server"
3. AM likes DNS resolving. Make sure DNS resolving is set up. The AM does lookup for host. Create entry in your DNS or set up a local hostfile on your AM.
4. When you have multliple interfaces or NAT between AM and SA, make sure you configured the secondary nodes section.
5. Check any intermediate FW's between AM and IVE. There must be a rule for 5500-udp
You can check the Activity Monitor on AM to see what's happening when you try to authenticate a user through the IVE.