Petri.co.il forums Home Forums Start Page Forums Frequently Asked Questions FAQ Member List Members List
Go Back   Petri IT Knowledgebase Forums > Security > General Security
Petri.co.il is happy to award RicklesP the title of Most Valuable Member !!!
Register Calendar Calendar Search Petri IT Knowledgebase Forums Search Todays Posts Today's Posts Mark Forums Read
Notices

RSA SecureID

RSA SecureID

this thread has 6 replies and has been viewed 2408 times

Closed Thread
 
Thread Tools Search this Thread Display Modes
  #1  
Old 28th February 2008, 09:37
will.ton will.ton is offline
Casual
Casual
 
 Join Date: Jan 2008
  6 month star 12 month star
 Posts: 40
 Reputation: will.ton is on a distinguished road (10)
Default RSA SecureID

Does anyone know if you can cluster RSA ACE servers? Is there anyway to have two systems sync tokens so that if one server goes down all users will still be able to login. Thanks.

N/M I found some documentation on setting up RSA as a Primary and Replica servers.

Last edited by will.ton; 28th February 2008 at 10:03..
  #2  
Old 28th February 2008, 11:00
m80arm's Avatar
m80arm m80arm is offline
Moderator
 
 Join Date: Apr 2005
  6 month star 12 month star
 Location: Newcastle, UK
 Posts: 2,640
  Send a message via MSN to m80arm Send a message via Skype™ to m80arm
 Reputation: m80arm is just really nicem80arm is just really nicem80arm is just really nicem80arm is just really nice (359)
Default Re: RSA SecureID

Obviously you found the information. In our organisation we have 4 RSA servers (one Primary and 3 replicas in different sites) When configuring agents we set the primary server to the replica in the same site and the secondary as the master RSA server.

Michael
__________________
Michael Armstrong
www.m80arm.co.uk
MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

** Remember to give credit where credit is due and leave reputation points To grant some reputation points to the user that helped you, just click on the little Yin-Yang icon on the right of the user's answer and follow the prompt. where appropriate **
  #3  
Old 28th February 2008, 23:19
will.ton will.ton is offline
Casual
Casual
 
 Join Date: Jan 2008
  6 month star 12 month star
 Posts: 40
 Reputation: will.ton is on a distinguished road (10)
Default Re: RSA SecureID

What happens when the primary one goes down though? Do you have to configure your RADIUS clients to know that all four servers exist? I assume once the primary goes down one of the Replicas become the primary? Thanks!
  #4  
Old 29th February 2008, 02:31
m80arm's Avatar
m80arm m80arm is offline
Moderator
 
 Join Date: Apr 2005
  6 month star 12 month star
 Location: Newcastle, UK
 Posts: 2,640
  Send a message via MSN to m80arm Send a message via Skype™ to m80arm
 Reputation: m80arm is just really nicem80arm is just really nicem80arm is just really nicem80arm is just really nice (359)
Default Re: RSA SecureID

If the primary goes down then it will use the secondary. The Master is only there to allow you to make changes to the topology which are replicated to all replica's
__________________
Michael Armstrong
www.m80arm.co.uk
MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

** Remember to give credit where credit is due and leave reputation points To grant some reputation points to the user that helped you, just click on the little Yin-Yang icon on the right of the user's answer and follow the prompt. where appropriate **
  #5  
Old 1st March 2008, 00:23
will.ton will.ton is offline
Casual
Casual
 
 Join Date: Jan 2008
  6 month star 12 month star
 Posts: 40
 Reputation: will.ton is on a distinguished road (10)
Default Re: RSA SecureID

But lets say I have an aventail appliance. How will it know to use the replica server if the primary is done? I assume I'd have to specify all of my replicas on the aventail? Thanks.
  #6  
Old 1st March 2008, 21:04
m80arm's Avatar
m80arm m80arm is offline
Moderator
 
 Join Date: Apr 2005
  6 month star 12 month star
 Location: Newcastle, UK
 Posts: 2,640
  Send a message via MSN to m80arm Send a message via Skype™ to m80arm
 Reputation: m80arm is just really nicem80arm is just really nicem80arm is just really nicem80arm is just really nice (359)
Default Re: RSA SecureID

What's an aventail?

With the agents we use (These run on servers in the DMZ) you specify which servers are the agents primary and secondary i.e. which one it should contact first and then second. These can be replica's or even the master.

Michael
__________________
Michael Armstrong
www.m80arm.co.uk
MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

** Remember to give credit where credit is due and leave reputation points To grant some reputation points to the user that helped you, just click on the little Yin-Yang icon on the right of the user's answer and follow the prompt. where appropriate **
  #7  
Old 1st March 2008, 22:48
will.ton will.ton is offline
Casual
Casual
 
 Join Date: Jan 2008
  6 month star 12 month star
 Posts: 40
 Reputation: will.ton is on a distinguished road (10)
Default Re: RSA SecureID

Aventail is a VPN appliance, but I can't remember if I could put multiple servers down. I know our Citrix and Cisco appliances should not be a problem. Thanks for the help.
Closed Thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
RSA / ACE Agent not updating with new server replica details m80arm Misc 6 17th January 2008 11:28


All times are GMT +3. The time now is 18:53.

Steel Blue 3.5.4 vBulletin Style ©2006 vBEnhanced
Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
 

Valid XHTML 1.0!   Valid CSS!

Copyright 2005 Daniel Petri