09-23-2002 02:07 AM - edited 03-10-2019 07:03 AM
Hi !
I am using a Cisco ACS box combined with RSA ACE. Authentification is successful for the first time. But the router issues a callback and wants to authenticate twice. On the second attempt the tokencode is no longer valid - and callback is not successful because of the failure : RE-USE ATTACK
on the RSA ACE Server.
Why do I need a second authentification ? The call is successfully authenticated on the first time - why is there a second authentication needed ?
Thx Hans
09-27-2002 09:17 AM
You may need to configure Token Caching as shown here:
http://www.cisco.com/warp/public/129/25.html
http://www.cisco.com/warp/public/129/26.html#intro
You may also want to ask your RSA people if a similar feature is avalable in the ACE Server.
01-06-2003 03:49 AM
we are having the same problem you are describing .I see that your case is from september, did you solve it and how
thanks
guy
01-13-2003 05:48 AM
Hi,
You have to instruct the router to only authenticate on dialin and not on dialout with the following command:
ppp authentication pap callin
Also, you have to mak e sure that you use PAP (instead of the default CHAP) when authenticating with RSA tokens. Hope this helps,
Regards,
VS
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: