Page tree
Skip to end of metadata
Go to start of metadata

This article describes how to configure and enable to use Nexus OTP display cards.

Expand/Collapse All

Prerequisites

 Prerequisites

You have received:

  • the OTP cards
  • the seed import file

Step-by-step instruction

 Prepare the import file
  1. Export the import file from XLS to CSV, if needed.
  2. Make sure that there are no extra signs, for example quotation marks. Also remove any column headers. The import file shall now look like this (one row for each token:

88123DEDEFCB4880,ABCC00002023,ABCC00002023,e3050L,SDT1120A028022B,1,65535,021B153CFE1DEC523994D4C20CD4036794084172
78098DE18A1B4281,ABCC00002024,ABCC00002023,e3050L,SDT1120A028022B,1,65535,097F321DA23EDC523292C4C20CD4016794064999
...

 Log in to Hybrid Access Gateway administration interface
  1. Log in to the Hybrid Access Gateway administration interface with your admin user.
 Import OATH tokens
  1. Follow the instructions in Set up OATH tokens in Nexus Hybrid Access Gateway under header "Import OATH tokens to the Hybrid Access Gateway database" and in step 4 enter these values:

    Configuration parameterValueDescription
    Provider NameMy token providerA unique display name for the token provider
    OTP Length8The length of the OATH produced by the OATH device
    Delimiter,A "comma" sign, the symbol used to separate the fields in the text file
    TokenId position2The field position of TokenId within the token text file
    Seed Position7The field position of seed within the token text file
    Counter Position5The field position of counter within the token text file
  2. Do not check Seed and counter is base64 encoded.

 Create authentication method
  1. Follow the instructions in Set up OATH tokens in Nexus Hybrid Access Gateway under header "Enable OATH authentication" with these exceptions:
    1. Do not select Two Factor Authentication.
    2. Use default values.
 Assign an OATH device to a user
  1. Follow the instructions in Set up OATH tokens in Nexus Hybrid Access Gateway under header "Assign an OATH device to a user" and in step 4c enter the Token ID, for example, ABCC00002023.
  2. Now it should be possible to authenticate with the OTP display card using the pin provided in the PIN file.
 If the import fails

If the import fails, the OTP display card counter can be out of sync. The token must be re-synced. Follow these steps:

  1. In the Hybrid Access Gateway administration interface, go to Manage Accounts and Storage.
  2. Click User Accounts and search for and select a user account. Go to the PortWise Authentication tab.
  3. In the OATH section click the synchronize icon for the OTP display card and follow the instructions.