Any experience with RSA SecurID (VPN)?

Discussion in 'macOS' started by DotComCTO, Sep 22, 2006.

  1. DotComCTO macrumors 6502

    Joined:
    Aug 17, 2006
    #1
    I'm wondering whether anyone has any experience with connecting their Mac to their corporate network using RSA SecurID (RSA SecurID 6.1). I seem to be having issues with the built-in OS X VPN client. A call to Apple support did a whole lot of nothing for me.

    Someone in another forum suggested using the Cisco client, but I wasn't sure whether that was for some Cisco-specific product.

    The issue is that I get an error immediately upon connecting and don't even get a chance to enter my token code.

    Anyone have any insight here???

    Thanks.

    --DotComCTO
     
  2. szark macrumors 68030

    szark

    Joined:
    May 14, 2002
    Location:
    Arid-Zone-A
    #3
    Your best bet is to find out what software the IT department uses for Windows. If it is Cisco client software, use the links above. If it is Nortel Networks software, use the Apani VPN clients.

    I use the Apani client and it works great. (Admittedly expensive, but you should be able to convince your company to pay for it.)
     
  3. DotComCTO thread starter macrumors 6502

    Joined:
    Aug 17, 2006
    #4
    Thanks for the help, and believe me, I searched Google quite extensively before I made a post. I would consider trying the Cisco client; however, as I mentioned in my original post, we are not using a Cisco VPN solution. We are using RSA ACE server 6.1 along with Microsoft ISA 2004 & their PPTP VPN.

    I *could* try the Cisco solution, but was hoping to find someone with hands on experience.

    Thanks for the help!

    :cool:

    --DotComCTO
     
  4. DotComCTO thread starter macrumors 6502

    Joined:
    Aug 17, 2006
    #5
    Thanks for the help. Since I run the IT shop, I know exactly what we use! :D

    We are using RSA ACE server 6.1 along with Microsoft ISA 2004 & their PPTP VPN. The Windows client works without any issues, but the built-in Mac client generates an immediate error. I tried Apple support, but they don't provide support for their VPN client. They just redirected me to the vendor.

    If you've got any other suggestion, please send them my way!!

    Thanks again!

    :cool:

    --DotComCTO
     
  5. szark macrumors 68030

    szark

    Joined:
    May 14, 2002
    Location:
    Arid-Zone-A
    #6
    Just out of curiosity, what's the error that it generates?
     
  6. atmenterprises macrumors regular

    Joined:
    Jan 28, 2006
    #7
    I have one of those RSA keys for work to get through the VPN and I could never get it to work through OS X so I just run it through IE (through Windows installed under Parallels) and it works flawlessly. Believe me - I scoured the internet for days and days and couldn't find a solution.
     
  7. tjoynt macrumors newbie

    Joined:
    Mar 6, 2008
    #8
    Solution found

    I don't know if this will help any of the original posters, being a year and a half later, but maybe it will help others in the future. Similar to DotComCTO, I am using RSA Authentication Manager 6.1 along with Microsoft ISA 2006 its PPTP VPN. Users authenticate using a username and an RSA SecurID 700 token. The Mac OS X 10.3-10.5 VPN clients have a "SecureID" option, but failed immediately upon connection. RSA support was absolutely no help in the matter.

    The RSA SecurUD / ISA 2006 implementation guide published by RSA covers what is necessary to connect using the RSA Authentication Agent 6.1 for Windows client software, but leave out a crucial step that allows the Mac OS X client to connect as well. On page 15, step 18 of the guide, when you are configuring your Routing and Remote Access Policies, you are instructed to add only "RSA EAP - Protected OTP" to the "EAP Methods" of your VPN users policy. The windows authentication agent 6.1 software, can use the "RSA EAP - Protected OTP" method, but the Mac OS X VPN client software cannot. It expects the earlier "RSA Security EAP" method, which can be added in the same Routing and Remote Access Policies policy window in which "RSA EAP - Protected OTP" was added. Once this EAP method is added, Mac OS X 10.3+ VPN clients work flawlessly.

    A small but crucial tidbit of information RSA doesn't mention anywhere.

    I hope this helps someone!

    -T
     
  8. duffydj macrumors newbie

    Joined:
    Jul 11, 2008
    #9
    Perfect

    Just as Moby says in his shows:

    Thank you, thank you, thank you!
    It worked fine!!!!
    Cheers
     

Share This Page