NEW PIN MODE

David Mitton david at mitton.com
Sun Sep 16 04:32:51 CEST 2012 

My information is 2 years old;

- RSA only supported SecurID its own EAP protocols, and provided  
Windows clients for such. (Win XP, Vista, 7)

- The RSA supported a RADIUS server which was a subset of the Funk SBR  
RADIUS server (now a Juniper product)  SBR included methods of their  
own development for SecurID authentication using PAP and/or GTC (I  
forget) that could be custom configured (prompt text, etc).

- These SecurID authentication techiques were supported by their  
Odyssey client, as well as including support for the RSA EAP methods  
(now a Juniper product)  This client ran/runs on platforms other than  
Windows.

Dave Mitton,
former RSA EAP developer.

Quoting Alan DeKok <aland at deployingradius.com>:

> aa ss wrote:
>> Already did and already made lots of tests. I'm using citrix   
>> netscaler as a client.
>> Citrix does not support directly securid, but need a radius   
>> integrated with RSA.
>> So i configured FreeRadius with SecurID and all work but "new pin mode".
>> I need to find a way to update pins, using also an alternative   
>> client that support NEW PIN and NEXT TOKENCODE. After examining   
>> lots of documentations, trying lots of configurations, i'm   
>> searching for peoples who have experience with similar needs, or   
>> someone that give me advices about using alternative clients only   
>> to update pins.
>
>   Then find another client.  The issue is with the client, not FreeRADIUS.
>
>> I'm posting here only as a "last solution" and only because i use   
>> freeradius as a frontend.
>> I already opened ticket with citrix and rsa, but no solution   
>> suitable for my needs.
>> I also already asked to me why i'm here, and if no one could reply   
>> to me "ok no problems", i will try again by myself.
>
>   There's really nothing we can do.  FreeRADIUS is a standards-compliant
> RADIUS server that does anything.  If the client vendors refuse to
> implement RADIUS, that's their problem.
>
>   If you have RSA, I'd suggest asking RSA about compatible RADIUS
> clients.  They should know.
>
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See   
> http://www.freeradius.org/list/users.html
>

More information about the Freeradius-Users mailing list