Cisco Systems Network Router 46 User Manual

RSA SecurID Ready Implementation Guide  
Last Modified: January 7, 2008  
Partner Information  
Product Information  
Partner Name  
Cisco Systems  
Web Site  
Product Name  
Cisco VPN Client  
Version & Platform  
Product Description  
4.6, 4.8, and 5.0.02.0090  
Simple to deploy and operate, the Cisco VPN Client allows organizations to  
establish end-to-end, encrypted VPN tunnels for secure connectivity for  
mobile employees or teleworkers. This thin design, IP security (IPSec)-  
implementation is compatible with all Cisco virtual private network (VPN)  
products.  
Product Category  
Perimeter Defense (Firewalls, VPNs & Intrusion Detection)  
1
 
Product Requirements  
Partner Product Requirements: Cisco VPN Client  
Memory  
34 MB  
Storage  
50 MB  
Operating System  
Platform  
Windows XP  
Required Patches  
SP2 or later  
Windows 2000  
Windows Vista  
SP2 or later  
All versions as of date listed above  
Additional Hardware Requirements:  
The Cisco VPN Client is compatible with the following Cisco products  
Cisco VPN 3000 Series Concentrator Software Version 3.0 or later  
Cisco IOS Software Release 12.2(8)T or later  
Cisco PIX Security Appliance Software Version 7.0 or later  
Cisco ASA 5500 Series Software Version 7.0 or later  
The Cisco VPN Client integrates with the RSA Software Token and RSA SecurID 800 token so that users  
only have to enter a PIN; where the tokencode is automatically pulled into the client. The following table  
shows what Cisco products support this feature.  
RSA Software Token and RSA SecurID 800 Integration Compatibility Matrix  
Native RSA SecurID  
Authentication  
RADIUS Authentication  
Cisco Product  
Cisco VPN 3000 Series  
Cisco IOS Software  
Cisco PIX Security Appliance  
Cisco ASA 5500 Series  
Yes  
N/A  
Yes  
Yes  
Yes*  
No  
Yes*  
Yes*  
* Needs RadiusSDI set to 1 for this to function. See the Cisco VPN client  
profile configuration section for information.  
Important: The RSA Software Token and RSA SecurID 800 Integration  
is a Windows only solution.  
3
 
Partner Authentication Agent Configuration  
Before You Begin  
This section provides instructions for integrating the partners’ product with RSA SecurID Authentication.  
This document is not intended to suggest optimum installations or configurations.  
It is assumed that the reader has both working knowledge of all products involved, and the ability to  
perform the tasks outlined in this section. Administrators should have access to the product  
documentation for all products in order to install the required components.  
All vendor products/components must be installed and working prior to the integration. Perform the  
necessary tests to confirm that this is true before proceeding.  
Documenting the Solution  
Cisco VPN Client Configuration  
1. Install the Cisco VPN client and then start the application.  
4
 
2. Click the New button to create an RSA SecurID connection entry. Fill in the appropriate information for the  
connection. The group name and password must match the entry you create on the VPN server device.  
3. Click Save.  
4. Highlight the connection created and click connect.  
5. The user will be prompted for authentication information.  
RSA Software Token and RSA SecurID 800 Integration:  
RSA Software Token and RSA SecurID 800 Token integration with the Cisco VPN client is dependent on  
the Cisco VPN server. See the comparability matrix under the Product Requirements section for more  
details. If the Cisco VPN client detects that the RSA Software Token or RSA SecurID 800 Token is  
installed (through the presence of stauto32.dll), users will be prompted for their PIN only. The tokencode  
displayed on the RSA Software Token or RSA SecurID 800 Token is automatically coupled with the PIN  
and passed along to the RSA Authentication Manager. You can turn on and off the option for the PIN  
only prompt when using the Cisco VPN client 4.x. See the Cisco VPN client profile configuration  
parameters section for more information.  
5
 
Cisco VPN client profile configuration parameters:  
You can enable and disable the ability of the Cisco VPN client to only prompt the user for their PIN when  
using the RSA Software Token or the RSA SecurID 800 Token by adding the following setting in your  
profile file. This file is located by default in Program Files\Cisco Systems\VPN Client\Profiles. The file  
name is the name of the connection entry with a .pcf extension.  
SDIUseHardwareToken = 0 or 1  
0 = Yes use RSA Software Token (default)  
1 = No, ignore RSA Software Token installed on the PC.  
You can also change the prompts displayed to a user that is authenticating using RADIUS to better  
resemble an RSA SecurID authentication by setting the following parameter in the profile file.  
Note: This setting will also allow the RSA Software Token and RSA  
SecurID 800 automation to work when using RADIUS as the authentication  
method with some Cisco VPN servers. See the comparability matrix under  
the Product Requirements section of this guide along with the Cisco  
documentation for more details.  
RadiusSDI  
0 = No (default)  
1 = Yes  
See the Cisco VPN client documentation for more information on these and other settings that can be  
used.  
6
 

Coleman Patio Furniture 2000004415 User Manual
Creative Speaker P5800 User Manual
Curtis Clock Radio CR1345 User Manual
Curtis Flat Panel Television LCDVD151 User Manual
Cypress Computer Hardware STK14C88 5 User Manual
Dimplex Indoor Fireplace 30 FIREPLACE User Manual
D Link Network Router Wireless AC1750 User Manual
Dual Marine Radio AM400W User Manual
Fisher Paykel Ventilation Hood HC90DMB1 User Manual
Frigidaire Washer FAHE4044MW User Manual