When you generate the sdconf.rec file, use the MIP (Member IP) address of a VSX Gateway interface that connects to the ACE/Server. The SecurID encryption key is stored in the sdconf.rec file. Each VSX Cluster Member uses a different encryption key and node secret file. Configuring Shared AuthenticationĬonfigure shared authentication so that all the Virtual Systems on the VSX Gateway use the same encryption key to authenticate to the remote SecurID/ACE server. This key is unique per IP address, and is sent when it connects to the ACE/Server for the first time. The SecurID ACE/Server sends a shared key (called a "node secret") to its peer ACE/Clients. Contact Check Point Support for more information. Note - You can configure authentication for more than one ACE/Server in private mode. For High Availability configurations, the Virtual Systems on different VSX Cluster Members use the same encryption key. Each Virtual System uses a separate encryption key. Private configuration: Authentication servers are accessed directly by the Virtual System and use the Virtual System cluster IP address as the source address.The Virtual Systems on each VSX Gateway use the same encryption key. Shared configuration: All authentication servers are accessible by all Virtual Systems through the VSX Gateway.These are the options to enable connectivity between Virtual Systems and a SecurID ACE/Server:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |