Click here to Skip to main content
65,938 articles
CodeProject is changing. Read more.
Articles / Amazon

RSA SecurID Tokens – Setup on Amazon EC2

4.80/5 (2 votes)
26 Nov 2013CPOL5 min read 19K  
Setup RSA SecurID on Amazon EC2 Server

Recently I need to install RSA Authentication Manage 7.1 for one of my client. Previously I had installed Authentication Manager 7.1 on a Dedicated Server but this time I have Amazon EC2 server.

During my initial search RSA Support Team informed me that they do not support Amazon EC2 server here is the response from one of their support representative

"I was told that Amazon EC2 environment is not supported by RSA Customer Support even you use Windows platform on it with Authentication Manager 7.1."

So I don’t have any option to try it myself or again go for a Dedicated Server. But I got success to install RSA Authentication Manager 7.1 on our Amazon EC2 server and communicate with another Amazon EC2 server for authentication request.

Here are the steps which I perform to make RSA Authentication Manager 7.1 run on Amazon EC2 Server.

Step – 1

Choose a Cloud Instance: Amazon provides Instances in two supported platforms EC2-Classic and EC2-VPC. You can read details about both type of instances at Amazon EC2 and Amazon Virtual Private Cloud (VPC).

Out of many benefits that EC2-VPC provide most important for us is "Assign static private IP addresses to your instances that persist across starts and stops" So we choose amazon EC2-VPC type instance

Step – 2

Amazon provides number of instance types you can read instance types provided by amazon at Amazon EC2 Instances. I had taken M1 (Windows 2008 Server R2)type of server because of RAM. RSA Authentication Server 7.1 requires more than 2 GB RAM.

Step – 3

Change the Server Name from default server name to a proper name like I had given "RSA" name to my server.

RSA SecurID Change Server Name

RSA SecurID Change Server Name

After this you need to restart your server.

RSA SecurID Server Name Changed

RSA SecurID Server Name Changed

Step – 4

Provide Domain suffix for this windows 2008 sever instance. Type your domain name on which your RSA Authentication manager is going to hear authentication requests.

RSA SecurID Change DNS Suffix

RSA SecurID Change DNS Suffix

Step – 5

Download the RSA Authentication Manager 7.1 from your Download section of RSA Customer Portal.

RSA Authentication Manager 7.1 Installation

RSA Authentication Manager 7.1 Installation

Step – 6

Run the application file of RSA

RSA Authentication Manager Installation Confirmation

RSA Authentication Manager Installation Confirmation

Step – 7

Click on Install Now

RSA Authentication Manager 7.1

RSA Authentication Manager 7.1

Step – 8

Click Next

RSA Authentication Manager Installation

RSA Authentication Manager Installation

Step – 9

Select the region from which the software was ordered.

RSA Authentication Manager Select Region

RSA Authentication Manager Select Region

Step – 10

Accept the terms of the license agreement.

RSA Authentication Manager Accept Terms

RSA Authentication Manager Accept Terms

Step – 11

Select Primary Instance from the option of Installation Type.

RSA Authentication Manager Primary Instance

RSA Authentication Manager Primary Instance

Step – 12

Select the Directory Name

RSA Authentication Manager Select Directory

RSA Authentication Manager Select Directory

Step – 13

It will show you the fully qualified host name and private IP address.

RSA Authentication Manager Fully Qualified Name and IP Address

RSA Authentication Manager Fully Qualified Name and IP Address

Step – 14

Provide the license file to proceed.

RSA Authentication Manager Select License File

RSA Authentication Manager Select License File

Step – 15

It will show you the details from your License file.

RSA Authentication Manager License Details

RSA Authentication Manager License Details

Step – 16

Enter your User ID, Password, and confirm password. Keep it a secure place after installation you will be needing this to login RSA Security Console.

RSA Security Console User ID and Password

RSA Security Console User ID and Password

Step – 17

Please select or deselect any option from the list (better keep default).

RSA Authentication Manager Select Log Options

RSA Authentication Manager Select Log Options

Step – 18

It will show you the summary of installation

RSA Authentication Manager Details

RSA Authentication Manager Details

Step – 19

Installing RSA Authentication Manager 7.1

RSA Authentication Manager Installing

RSA Authentication Manager Installing

Step – 20

Update your domain to point towards the public IP of your EC2 Instance. We had our domain hosted at godaddy so we are changing it here. Also create A record for your instance name.

Public IP is elastic IP that you can take from Amazon and it will associated to your Amazon Instance. In this article we are not providing details of how to setup Amazon EC2 server. You can get this information from Amazon documentation or from google search.

Change Domain Details

Change Domain Details

Step – 21

Add Alternate IP in Instance Configuration for this use

  1. Login to RSA Security Console
  2. Select Setup
  3. Instances
  4. Your Instance
  5. Manage Nodes

Alternate IP for Instance

Alternate IP for Instance

Alternate IP for Instance

Alternate IP for Instance

Step – 22

After installation I need to generate add Authentication Agent to RSA Security Console.

  1. Login to RSA Security Console
  2. Select Access
  3. Authentication Agents
  4. Add new Authentication Agent

Add New Authentication Manager to RSA Security Console

Add New Authentication Manager to RSA Security Console

Add New Authentication Manager to RSA Security Console

Add New Authentication Manager to RSA Security Console

Step – 23

Generate the sdconf.rec file from RSA Security Console

  1. Login to RSA Security Console
  2. Select Access
  3. Authentication Agents
  4. Generate Configuration File

Generate & Download Config File from RSA Security Console

Generate & Download Config File from RSA Security Console

Step - 24

Download & Install the Web Agent from RSA Customer Portal

RSA Web Agent Files

RSA Web Agent Files

Step-25

RSA Web Agent Installation

RSA Web Agent Installation

RSA Web Agent Installation

Step-26

RSA Web Agent Click "Next" to proceed

RSA Web Agent Click Next

RSA Web Agent Click Next

Step-27

RSA Web Agent "Accept Terms"

RSA Web Agent Accept Terms

RSA Web Agent Accept Terms

Step-28

RSA Web Agent "Character Set"

RSA Web Agent  Character Set

RSA Web Agent Character Set

Step-29

RSA Web Agent will ask for the "sdconf.rec" file, which was downloaded from RSA Security Console through Generate Configuration File.

RSA Web Agent Browse Config File

RSA Web Agent Browse Config File

Step-30

RSA Web Agent will ask for select destination to install web agent.

RSA Web Agent Select Destination Folder

RSA Web Agent Select Destination Folder

Step-31

RSA Web Agent is ready to install.

RSA Web Agent Ready to Install

RSA Web Agent Ready to Install

Step-32

RSA Web Agent is installing

RSA Web Agent Installing

SA Web Agent Installing

Step-33

RSA Web Agent successfully installed.

RSA Web Agent Installed

RSA Web Agent Installed

Step -34

After RSA Web Agent Installation it will be displayed in Control Panel.

RSA Web Agent In Control Panel

RSA Web Agent In Control Panel

Step-35

To check the web agent open Control Panel and open RSA Authentication Agent

RSA Web Agent

RSA Web Agent

Step - 36

Click on Advance tab of RSA Authentication Agent, and enter the Public IP of RSA Authentication Server

RSA Web Agent Advance Setting

RSA Web Agent Advance Setting

Step-37

To check the authentication click on "Test Authentication with RSA Authentication Manager"

RSA Web Authentication Information

RSA Web Authentication Information

Step-38

Click on "RSA ACE/Server Test Directly"

RSA Authentication Check Access

RSA Authentication Check Access

Step-39

Enter your User Name & Password. On successful authentication it will show you this message.

RSA Authentication Successful

RSA Authentication Successful

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)