Configuring ACE/SecurID for the 833 servers

Issue:
Configuring ACE/SecurID for the 833 servers. This covers a basic overview of adding the Perle to the SecurID configuration.

Solution:

This document assumes you have familiarity with your SecurID product and have added the Tokens and Users to the SecurID configuration. Please refer to your SecurID administration guide for more details or contact your RSA Support group.

Open the Database Administration

Select the Agent Host option

Add a new Agent Host
Name: Type in the Host name of the Perle as it appears in your host table entry (or DNS).
The Network Address will be automatically entered as the SecurID utility will obtain it from the host table. Note that the SecurID host must be able to resolve the IP address. Do not configure the IP address manually.
Agent Type: Select Communication Server
Encryption Type: Select the type as configured in the Perle configuration.
The Node Secret Created checkbox will initially be unchecked and greyed out, indicating that the secret will be resent to the Perle on the next authentication request.
Select the User Activations button: Assign Users for this host

The next step only applies to SecurID v5.x:
Select Assign Acting Servers: Assign the Primary/Secondary Acting Server for this host from the drop down list.
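
A pre-flight check for the name-resolution requirement in the Agent Host step above, run on the SecurID host before adding the entry. This is an added example, not part of the original article or of any RSA or Perle tool; the host name perle833.example.com is a constructed placeholder, and the reverse-lookup comparison is an extra consistency check assumed here, not a requirement the article states.

```python
import socket
import sys


def _norm(host):
    """Lower-case a host name and drop a trailing dot for comparison."""
    return host.rstrip(".").lower()


def check_agent_host(name, forward=socket.gethostbyname_ex,
                     reverse=socket.gethostbyaddr):
    """Return a list of name-resolution problems for an Agent Host name.

    An empty list means the name resolves to exactly one address and that
    address maps back to the same name. `forward` and `reverse` can be
    replaced for offline testing.
    """
    try:
        _, _, addrs = forward(name)
    except OSError as exc:  # covers socket.gaierror and socket.herror
        return [f"{name}: does not resolve ({exc})"]

    problems = []
    if len(addrs) > 1:
        problems.append(f"{name}: resolves to several addresses {addrs}; "
                        "confirm which one appears as the Network Address")
    for addr in addrs:
        try:
            rname, aliases, _ = reverse(addr)
        except OSError as exc:
            problems.append(f"{addr}: no reverse entry ({exc})")
            continue
        known = {_norm(n) for n in [rname, *aliases]}
        if _norm(name) not in known:
            problems.append(f"{addr}: maps back to {sorted(known)}, not {name}")
    return problems


if __name__ == "__main__":
    # "perle833.example.com" is a constructed placeholder host name.
    host = sys.argv[1] if len(sys.argv) > 1 else "perle833.example.com"
    found = check_agent_host(host)
    for line in found:
        print("PROBLEM:", line)
    print("OK" if not found else f"{len(found)} problem(s) found")
    sys.exit(1 if found else 0)
```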

FYI: Dialing in

When a Windows host dials into the Perle it must be configured to open a Terminal Window after dialing. This will permit the dial in client to interact with the ACE/Server for PASSCODE authentication. Enable the Terminal Window through the Dialup Networking connection properties.

Note: The RSA EAP module is not supported.

Use the SecurID Activity Log to troubleshoot problems, as it will log the negotiation between the Perle/SecurID and DialInClient/SecurID.

Node Verification Failed

The Node Secret is mismatched or the Encryption Type configured in the Agent Host is mismatched.
> Reset the Node Secret in the Perle configuration and uncheck "Node Secret Created" in the ACE/Server Agent Host configuration.
> Verify that the Encryption Type in the Perle configuration matches the ACE/Server Agent Host configuration.

Agent Host has no acting servers

The ACE/Server (version 5.x) Agent Host configuration is incomplete.
> Edit the ACE/Server Agent Host and go to "Assign Acting Servers" and select the ACE/Server for authentication.

Terminal Window reports "No ACE Server available" and no messages logged in the ACE/Server Activity Log

The Perle configuration has an incorrect IP address for the ACE server or is using the wrong UDP port.
The ACE server is not started.
The Perle has not been created as a new Agent Host.

> Verify the Master or Slave SecurID configuration in the Perle.
> Verify that the RSA SecurID service is started. The SecurID Activity Log will record "ACE/Server is authenticating" when the service is started.
> Verify the Agent Host entry in the ACE/Server.


Article ID: 266
Published: 2/18/2003 12:49:30 PM
Last Modified: 10/22/2003 10:24:47 AM
Issue Type: Configuration