RSA Security Home Security System 3.6.0 User Manual
Partner Authentication Agent Configuration
Setting Up RSA SecurID Authentication (Command Line Interface)
You can implement SecurID authentication at the server level and for specific interfaces and
asynchronous ports on the LX unit. You must implement RSA SecurID Authentication at the server level
before you can implement it on specific interfaces and asynchronous ports on the LX unit.
asynchronous ports on the LX unit. You must implement RSA SecurID Authentication at the server level
before you can implement it on specific interfaces and asynchronous ports on the LX unit.
The basic steps for configuring SecurID authentication on the LX unit are:
1. Specifying the RSA Authentication Manager Server settings on the LX.
2. Installing and configuring the SecurID server on a Network-based Host.
3. Configuring a RSA Authentication Manager Local Subscriber. (optional)
2. Installing and configuring the SecurID server on a Network-based Host.
3. Configuring a RSA Authentication Manager Local Subscriber. (optional)
Specifying the RSA Authentication Manager Server Settings on the LX
Perform the following operations to specify the RSA Authentication Manager settings on the LX unit:
1. Check the primary RSA Authentication Manager Server host to ensure that the RSA Authentication Manager
application is running.
2. Access the AAA Command Mode on the LX
3. Use the securid authentication version command to specify the RSA Authentication Manager authentication
3. Use the securid authentication version command to specify the RSA Authentication Manager authentication
version for the LX unit. You can specify the authentication version as Version 5, or pre-Version 5 (legacy); for
example:
example:
Login: InReach
Password: access
InReach:0> enable
Password: system
InReach:0>> configuration
AAA:0 >>securid authentication version version_5
AAA:0 >>securid authentication version legacy
Password: access
InReach:0> enable
Password: system
InReach:0>> configuration
AAA:0 >>securid authentication version version_5
AAA:0 >>securid authentication version legacy
4. Use the securid authentication port command to specify the socket your RSA Authentication Manager server is
listening to; for example:
AAA:0 >>securid authentication port 1687
Note: The LX listens to port 5500 by default.
5. Use the securid primary authentication server address command to specify the IP address of the RSA
Authentication Manager Primary; for example:
AAA:0 >>securid primary authentication server address 10.242.131.11
6. Use the securid authentication encryption command to specify the RSA SecurID encryption method for the LX
unit. You can specify DES or SDI as the encryption method; for example:
AAA:0 >>securid authentication encryption des
AAA:0 >>securid authentication encryption sdi
AAA:0 >>securid authentication encryption sdi
7. To verify the LX configuration, execute the show securid characteristics command at the superuser command
prompt; for example:
AAA:0 >>show securid characteristics
Note: To clear the node secret from the LX unit, use the ‘zero securid
secret’ command.
4