Cisco VPN integration with RSA Securid

Unanswered Question
Sep 29th, 2010
User Badges:

We are in the process of integrating the RSA Securid Software for VPN purposes.  Everything is working fine but we have noticed that we get 2 authentication messages from the RSA Appliance for each attempt.  The first if a success and then we get a failure.  Has anyone come across this before?  I don't think it is effecting the functionality but I just dont' want it to become an issue.  The setup is as follows:  Cisco ASA ---> ACS ---> RSA Server.  I have been told from RSA that this could be due to a radius timing issue between the ACS/ASA and RSA Server, is there anyway to see the timer for Radius on the ACS?


Thanks,


Joe

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Herbert Baerten Tue, 10/12/2010 - 01:18
User Badges:
  • Cisco Employee,

Hi Joe,


if it is caused by an ACS timeout, you should not only see 2 responses, but also 2 requests, I'm not sure from your description if that is the case.

If there is only one request and 2 responses, then clearly the RSA server is at fault.


To set the timeout on ACS go to External User DB -> DB configuration -> -> Configure -> Timeout


hth

Herbert

Actions

This Discussion