authentication with rsa token failed

Unanswered Question
Mar 21st, 2007

hello everybody,


we installed a new wlc 4404 for wireless access.before we installed autonomus AP and with this all works fine!

the problem is with the client authentication.


old installation: Odyssey Client<>AP<>ACS<>RSA Server


new installation: Odyssey Client<>LWAP<>4404WLC<>ACS<>RSA Server


when i authenticate with the old installation: Peap starting with odyssey client , i enter response and i am open authenticated

when i authenticate with the new installation:Peap starting with odyssey client, i enter response i can not authenticate always the popup window for enter the response (passcode) comes up!


whats the problem?

its strange, when i autenticated with the old installation then i change to new installation i dosent must authenticate again and it works over the new installation. i recive a new ip from the WLC pool. when i start the pc new and i will authenticate with the new installation its doesent work.


thanks for a response


nik





  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ankbhasi Wed, 03/21/2007 - 23:46

HI Nik,


I beleive in your new setup your controller can ping/reach ACS?


Regards,


Ankur

n.steffen Thu, 03/22/2007 - 04:17

Hi Ankur,


Yes i can ping the ACS from WLC

ACS Software v 3.3

WLC Software 4.0.206.0


Nik

n.steffen Thu, 03/22/2007 - 11:24

Hello


new info from WLC authentication log:


Thu Mar 22 18:20:09 2007 [SECURITY] 1x_ptsm.c 407: MAX EAP retransmissions reached for mobile 00:18:de:a5:a4:ef

Thu Mar 22 18:20:06 2007 [SECURITY] 1x_bauth_sm.c 423: Backend Authentication SM: abortAuth: Authentication Aborted.

Thu Mar 22 18:19:59 2007 [SECURITY] 1x_ptsm.c 407: MAX EAP retransmissions reached for mobile 00:18:de:a5:a4:ef

Thu Mar 22 18:19:59 2007 Previous message occurred 2 times

Thu Mar 22 18:19:19 2007 [SECURITY] 1x_auth_pae.c 2448: Reached Max EAP-Identity Request retries (21) for STA 00:18:de:a5:a4:ef

Thu Mar 22 18:18:59 2007 [SECURITY] 1x_ptsm.c 407: MAX EAP retransmissions reached for mobile 00:18:de:a5:a4:ef

Thu Mar 22 18:18:59 2007 Previous message occurred 2 times

Thu Mar 22 18:18:51 2007 [SECURITY] aaa.c 661: Authentication succeeded for admin user 'admin'

Thu Mar 22 18:17:25 2007 [SECURITY] 1x_ptsm.c 407: MAX EAP retransmissions reached for mobile 00:18:de:a5:a4:ef

Thu Mar 22 18:16:45 2007 [SECURITY] 1x_auth_pae.c 2448: Reached Max EAP-Identity Request retries (21) for STA 00:18:de:a5:a4:ef

Thu Mar 22 18:16:32 2007 [SECURITY] aaa.c 661: Authentication succeeded for admin user 'admin'

Thu Mar 22 18:16:25 2007 [SECURITY] 1x_auth_pae.c 2448: Reached Max EAP-Identity Request retries (21) for STA 00:18:de:a5:a4:ef


n.steffen Tue, 03/27/2007 - 12:06

the problem is solved. we changed the timmer setting on wlc...

shinkang.seo Tue, 06/12/2007 - 21:38

Hi, I am also facing your problem which is little bit different. We can use Wireless for few hours however it did not last for a long time. Some user can use 2~3hours but suddenly request re-authentication. I would like to know what I can refer to solve this. Could you advise?

Our infrastructure is the same as you.

Actions

This Discussion

 

 

Trending Topics - Security & Network