Saturday, May 22, 2010

How to configure RSA SecurID as RADIUS on Nokia IPSO for http / https / ssh??

These are steps needed to make RADIUS work with IPSO's httpd. It is important that there is a corresponding IPSO user ID to the RADIUS ID (i.e. the usernames must be the same).
The following example will create a new Auth Profile and a new Service Profile. We will use the following:
The AAA configuration page may be a little confusing at first, but it can be explained.
1) From the Network Voyager Main Configuration page, select AAA Configuration from the Security and Access Configuration section. You will now see the Authentication, Authorization, and Accounting (AAA) Configuration page.
2) Scroll down to the Auth. Profile section.
3) Scroll down to the Service Profiles section.
4) Scroll down to the Security & Access Configuration section and select Users
5) Create a user with UID=0, and home directory (/var/nokiaadmin); the rest of the fields are left default/empty; apply & save. Username should be up to 8 characters long.
6) Go back to the AAA Configuration page in Voyager.
7) Associate the service module 'httpd' with the profile 'RADIUS_prof_httpd'; apply & save
8) Test Voyager access with RADIUS login ID 'nokiaadmin'

No comments: