Configuring SecurID authentication

For SecurID authentication to work, the RADIUS and ACE/Server server must first be correctly configured. In addition, users must have a valid SecurID token and PIN number. Please see the relevant documentation for these products.

WatchGuard does not support the third-party program Steel Belted RADIUS for use with SecurID. Customers should use the RADIUS program bundled with the RSA SecurID software.

From Policy Manager:

1. Select Setup => Authentication.

   The Member Access and Authentication Setup dialog box appears.

2. Under Authentication Enabled Via, click the SecurID Server option.
3. Click the SecurID Server tab.

   You might need to use the arrow buttons in the upper-right corner of the dialog box to bring this tab into view.

4. Enter the IP address of the SecurID server.
5. Enter or verify the port number used for SecurID authentication.

   The default is 1645.

6. Enter the value of the secret shared between the Firebox and the SecurID server.

   The shared secret is case sensitive and must be identical on the Firebox and the SecurID server.

7. If you are using a backup server, enable the Specify backup SecurID server checkbox. Enter the IP address and port number for the backup server.
8. Click OK.

Install | User | Handbook | Reference | Training | Support | Contact Us

Copyright © 1998 - 2001 WatchGuard Technologies,Inc. All rights reserved.
Legal Notice/Terms of Use