Cisco VPN integration with RSA Securid

Unanswered Question
Sep 29th, 2010

We are in the process of integrating the RSA Securid Software for VPN purposes.  Everything is working fine but we have noticed that we get 2 authentication messages from the RSA Appliance for each attempt.  The first if a success and then we get a failure.  Has anyone come across this before?  I don't think it is effecting the functionality but I just dont' want it to become an issue.  The setup is as follows:  Cisco ASA ---> ACS ---> RSA Server.  I have been told from RSA that this could be due to a radius timing issue between the ACS/ASA and RSA Server, is there anyway to see the timer for Radius on the ACS?


Thanks,


Joe

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Herbert Baerten Tue, 10/12/2010 - 01:18

Hi Joe,


if it is caused by an ACS timeout, you should not only see 2 responses, but also 2 requests, I'm not sure from your description if that is the case.

If there is only one request and 2 responses, then clearly the RSA server is at fault.


To set the timeout on ACS go to External User DB -> DB configuration -> -> Configure -> Timeout


hth

Herbert

Actions

This Discussion