How to Implement RSA SecurID via RADIUS with GoAnywhere Managed File Transfer

Posted on October 17, 2022

Fortra is an RSA® Ready certified partner and has integrated RADIUS and RSA SecurID© within GoAnywhere MFT. Organizations already using RSA Authentication protocols can now easily implement RSA SecurID as a login method to be used by Admin Users, Web Users or as a second login step for Web Users in GoAnywhere MFT.

RADIUS Configuration in GoAnywhere MFT

Text

Here is a quick walkthrough of the RADIUS configuration in GoAnywhere MFT as shown in the RSA Ready implementation guide.

Before you attempt to configure your software, always backup your files and be sure to consult the official implementation guide for further details and recommendations.

Image
RSA Radius SecurID GoAnywhere MFT Screens
RSA Radius SecurID GoAnywhere MFT Screens

By default, Admin User and Web User passwords are authenticated against the passwords stored in the GoAnywhere database. Optionally, you can configure GoAnywhere Login Methods for basic authentication of Admin User and Web User passwords against a RADIUS (RSA SecurID) server located within your organization. Web User accounts can also be authenticated to the HTTPS Web Client using RSA SecurID tokens. 

How to Set Up RADIUS (RSA SecurID) in GoAnywhere MFT

Text
  1. To add a RADIUS Login Method, log in to the GoAnywhere MFT Admin Server as an Admin User with the Security Officer role. Complete the required information.
  2. From the main menu bar, select Users, and then click the Login Methods Link.
  3. In the Login Methods page, click the Add Login Method link in the page toolbar.
  4. Select Basic Authentication from the Select Login Method Type page and then click Continue.
  5. Complete the required information:
    • Name - A unique name for the Login Method.
    • Description - The description field is optional text to describe the login method. Limited to 512 characters.
    • Type - The authentication type used by the Login Method. Choose RADIUS
    • Shared Secret - The shared secret provided by the RADIUS server. GoAnywhere automatically encrypts the shared secret with AES-256 bit encryption.
    • Host - The host name or IP address of the RADIUS server.
    • Port - The port number to use for connecting to the RADIUS server. If left blank, the default port number is 1645.
    • Timeout - The maximum amount of time, in seconds, to wait for a response from the RADIUS server. A value of 0 (zero) is interpreted as infinite timeout. The default timeout is 300 seconds
    • Retry Attempts - The number of times to retry the RADIUS connection if it cannot be established. This setting is used for both the initial connection and any reconnect attempts due to lost connections. If left blank, then no retries will be attempted.
  6. Click the Save button to save the settings.

 

Image
RSA Radius RSA SecurID GoAnywhere Managed File Transfer
RSA Radius RSA SecurID GoAnywhere Managed File Transfer

 If you need assistance with configuration of GoAnywhere MFT with RADIUS and RSA SecurID, our support team is ready to help. Visit our support page to get the help you need when you need it via email, phonelive online chatforums or our customer portal.