I have run into some issues when trying to authenticate wireless users against an RSA SecurID server and would appreciate any input from the community.
The RSA server configuration has been verified as correct, and the only real log as such (authentication monitor) shows:
User “me” attempted to authenticate using authenticator “SecurID_Native”. The user belongs to security domain “SystemDomain”. Not very helpful.
The ACS AAA log shows the following:
Jan 10,14 3:43:30.353 PM Radius authentication failed for USER: me MAC: 00-19-7e-88-5a-7b AUTHTYPE: EAP-FAST(EAP-GTC) Radius authentication failed.
Logged At: January 10,2014 3:43:30.353 PM
ACS Time: January 10,2014 3:43:30.343 PM
ACS Instance: wlan-acs-1
Authentication Method: PAP_ASCII
EAP Authentication Method : EAP-GTC
EAP Tunnel Method : EAP-FAST
ACS Username: me
RADIUS Username :
Calling Station ID: 00-19-7e-88-5a-7b
Framed IP Address:
Network Device: wlc-02
Network Device Groups: Device Type:All Device Types:5508
NAS IP Address: 10.201.30.129
NAS Port ID: 13
NAS Port Type:
Access Service: Default Network Access
Identity Store: rsaserver
Exception Authorization Profiles:
Active Directory Domain:
Access Service Selection Matched Rule: Rule-1
Identity Policy Matched Rule: Default
Selected Identity Stores: rsaserver
Query Identity Stores:
Selected Query Identity Stores:
Group Mapping Policy Matched Rule:
Authorization Policy Matched Rule:
Authorization Exception Policy Matched Rule:
CTS Security Group:
ACS Session ID: wlan-acs-1/178729561/86
Audit Session ID:
Other Attributes: ACSVersion=acs-126.96.36.199-B.221
If further information is needed, please let me know.
Thanks for your time.