RSA SecurID Ready Implementation Guide Last Modified: March 8, 2006 Partner Information Product Information Partner Name Web Site Product Name Version & Platform Product Description Product Category MRV Communication, Inc. www.mrv.com LX Series LX OS 3.6.0 or later MRV Communications is a leading provider of network access solutions for the enterprise edge, the seam where corporate networks meet the widearea public network and the service provider edge.
Solution Summary The MRV LX-Series Secure Console/Terminal Servers have been specifically designed with a focus on security. The LX Series multi-processor platforms have the processing horsepower to handle the FIPS approved encryption and cipher algorithms required to meet demands of today’s high security environments. LX-Series platforms provide the highest and most comprehensive set security and encryption support of any Console or Terminal Server on the market today.
Agent Host Configuration To facilitate communication between the LX Product line and the RSA Authentication Manager / RSA SecurID Appliance, an Agent Host record must be added to the RSA Authentication Manager Database and RADIUS Server Database when using RADIUS. The Agent Host record identifies the LX Product line within its database and contains information about communication and encryption. To create the Agent Host record, you will need the following information.
Partner Authentication Agent Configuration Setting Up RSA SecurID Authentication (Command Line Interface) You can implement SecurID authentication at the server level and for specific interfaces and asynchronous ports on the LX unit. You must implement RSA SecurID Authentication at the server level before you can implement it on specific interfaces and asynchronous ports on the LX unit. The basic steps for configuring SecurID authentication on the LX unit are: 1. 2. 3.
RSA SecurID Authentication Command Examples This section provides examples of all of the commands that are used to specify settings for the RSA Authentication Manager servers. AAA:0 AAA:0 AAA:0 AAA:0 AAA:0 AAA:0 AAA:0 >>securid >>securid >>securid >>securid >>securid >>securid >>securid primary authentication server address 10.242.131.11 authentication port 4500 primary authentication server name bigsky1.
Setting Up RSA SecurID Authentication (Web Interface) 1. Point your browser to the LX IP address. (Browser must have Java 1.4.2 or higher installed.) 2. Login to the LX unit. 3. Click the Admin button on the upper tool bar.
4. Select SecurID under the Authentication Folder from the navigation tool bar on the left. Enter the desired information for your site.
Setting Up RADIUS (Command Line Interface) RADIUS Primary Authentication Server Commands Login: InReach Password: access InReach:0 >enable Password:****** InReach:0 >>configuration Config:0 >>aaa AAA:0>> radius AAA:0 >>radius AAA:0 >>radius AAA:0 >>radius AAA:0 >>radius AAA:0 >>radius primary primary primary primary primary primary authentication authentication authentication authentication authentication authentication server server server server server server address 10.242.131.
Setting Up RADIUS (Web Interface) 1. Point your browser to the LX IP address. 2. Login to the LX unit. 3. Click the Admin button on the upper tool bar.
4. Select RADIUS under the Authentication Folder from the navigation tool bar on the left. Enter the desired information for your site.
Setting Up TACACS+ You can implement TACACS+ authentication and TACACS+ accounting at the server level and for specific interfaces and asynchronous ports on the LX unit. Access the AAA Configuration mode on the LX. TACACS+ Primary Authentication Server Commands AAA:0>> tacacs+ AAA:0 >>tacacs+ AAA:0 >>tacacs+ AAA:0 >>tacacs+ AAA:0 >>tacacs+ primary primary primary primary primary authentication authentication authentication authentication authentication server server server server server address 10.242.
Setting Up TACACS+ (Web Interface) 1. Point your browser to the LX IP address. 2. Login to the LX unit. 3. Click the Admin button on the upper tool bar.
4. Select TACACS+ under the Authentication Folder from the navigation tool bar on the left. Enter the desired information for your site.
Certification Checklist Date Tested: March 8, 2006 Product Name RSA Authentication Manager LX Series Certification Environment Version Information Operating System 6.1 3.6.