Does anyone have a working sample IOS router config for VPN 4.x client access using RSA SecurID ?
During authentication, the 4.x client simply hangs when it is supposed to prompt for change user pin. In the RSA log it shows a successful initial user authentication, and change user pin req'd. Thats it. On the client side it just hangs until the session times out. If I manually assign the pin at the RSA server to get the account past new pin mode, the subsequent authentications work fine.
These are my RADIUS related config lines I am using in the router:
aaa authentication login RSA group radius local
aaa authorization network remgroup local
aaa session-id common
crypto map FID_VPN client authentication list RSA
crypto map FID_VPN isakmp authorization list remgroup
RSA authentication works fine. Its just new pin mode and next token mode that freeze it up.
Any Thoughts ??