11-07-2002 04:58 PM - edited 03-09-2019 12:59 AM
I'm testing with VPN 3005 v3.6.3, VPN Client v3.6.2(B) and SecurID 5.0.1 (UNIX). When trying to authenticate user I receive following sequence early on in the EVent Log on the VPN 3005:
2588 11/07/2002 16:45:18.380 SEV=9 AUTHDBG/174 RPT=494
Ace Agent transmitting to server <IP>
2589 11/07/2002 16:45:22.380 SEV=8 AUTHDBG/180 RPT=265
AUTH_SendLockReq(1dd9f70, 0, 0)
2590 11/07/2002 16:45:22.380 SEV=8 AUTHDBG/178 RPT=219
Sdi_lock(1dd9f70)
2591 11/07/2002 16:45:22.380 SEV=5 AUTH/44 RPT=219
Unexpected SDI status value: 23
Anyone know where can lookup these SDI status values or what "23" means? This was asked in another query but never answered.
11-07-2002 05:11 PM
The message you are receiving indicate an unreachable SDI server. This would indicate a communication issues between the concentrator and the SDI server. Most likely SDI server is not responding.
hope this helps,
-Nairi
11-07-2002 05:43 PM
Yes I can verify it fails because of Authentication Error: Network Error received during test. The SDI server is on same network as public-side of VPN. I can validate a user (I.e., authenticate) when connecting SDI directly (I.e., telnet).
What I'm curious about is if there might be a protocol mismatch. Below is log from "test" sequence. What I'm curious about is what is mean't when the SDI server is "bound"? Is that some level of network connection?
1 11/07/2002 17:23:59.320 SEV=8 AUTHDBG/1 RPT=39
AUTH_Open() returns 38
2 11/07/2002 17:23:59.320 SEV=7 AUTH/12 RPT=39
Authentication session opened: handle = 38
3 11/07/2002 17:23:59.320 SEV=8 AUTHDBG/3 RPT=59
AUTH_PutAttrTable(38, 8da00c)
4 11/07/2002 17:23:59.320 SEV=8 AUTHDBG/5 RPT=19
AUTH_Authenticate(38, 8efbf0, 6ba668)
5 11/07/2002 17:23:59.320 SEV=8 AUTHDBG/59 RPT=285
AUTH_BindServer(1de6a54, 0, 0)
6 11/07/2002 17:23:59.320 SEV=9 AUTHDBG/69 RPT=285
Auth Server e3eaf4 has been bound to ACB 1de6a54, sessions = 1
7 11/07/2002 17:23:59.320 SEV=8 AUTHDBG/65 RPT=285
AUTH_CreateTimer(1de6a54, 0, 0)
8 11/07/2002 17:23:59.320 SEV=9 AUTHDBG/72 RPT=285
Reply timer created: handle = 1C00018
9 11/07/2002 17:23:59.320 SEV=8 AUTHDBG/179 RPT=285
AUTH_SyncToServer(1de6a54, 0, 0)
10 11/07/2002 17:23:59.320 SEV=8 AUTHDBG/177 RPT=235
Sdi_init(1de6a54)
11 11/07/2002 17:23:59.320 SEV=9 AUTHDBG/168 RPT=260
Ace Agent building time request pkt ...
12 11/07/2002 17:23:59.320 SEV=5 AUTH/63 RPT=466
No usable servers found, using default (idx: 0)
13 11/07/2002 17:23:59.320 SEV=5 AUTH/62 RPT=464
Load balancing retrying another server ...
14 11/07/2002 17:23:59.320 SEV=9 AUTHDBG/174 RPT=516
Ace Agent transmitting to server
15 11/07/2002 17:23:59.330 SEV=9 AUTHDBG/173 RPT=26
Ace Agent: load balancing initiating auto detection to server
16 11/07/2002 17:23:59.330 SEV=9 AUTHDBG/168 RPT=261
Ace Agent building time request pkt ...
17 11/07/2002 17:23:59.330 SEV=9 AUTHDBG/174 RPT=517
Ace Agent transmitting to server
18 11/07/2002 17:24:03.180 SEV=9 AUTHDBG/175 RPT=257
Retransmitting pkt to server
19 11/07/2002 17:24:03.180 SEV=9 AUTHDBG/174 RPT=518
Ace Agent transmitting to server
20 11/07/2002 17:24:03.180 SEV=5 AUTH/63 RPT=467
No usable servers found, using default (idx: 0)
21 11/07/2002 17:24:03.180 SEV=5 AUTH/62 RPT=465
Load balancing retrying another server ...
22 11/07/2002 17:24:03.180 SEV=9 AUTHDBG/175 RPT=258
Retransmitting pkt to server
23 11/07/2002 17:24:03.180 SEV=9 AUTHDBG/174 RPT=519
Ace Agent transmitting to server
24 11/07/2002 17:24:07.180 SEV=5 AUTH/78 RPT=51
Suspending server
25 11/07/2002 17:24:07.180 SEV=8 AUTHDBG/180 RPT=279
AUTH_SendLockReq(1de6a54, 0, 0)
26 11/07/2002 17:24:07.180 SEV=8 AUTHDBG/178 RPT=229
Sdi_lock(1de6a54)
27 11/07/2002 17:24:07.180 SEV=5 AUTH/44 RPT=229
Unexpected SDI status value: 23
28 11/07/2002 17:24:07.180 SEV=8 AUTHDBG/57 RPT=229
AUTH_Error(1de6a54, 0, 0)
29 11/07/2002 17:24:07.180 SEV=8 AUTHDBG/66 RPT=285
AUTH_DeleteTimer(1de6a54, 0, 0)
30 11/07/2002 17:24:07.180 SEV=9 AUTHDBG/74 RPT=285
Reply timer stopped: handle = 1C00018, timestamp = 2726470
31 11/07/2002 17:24:07.180 SEV=8 AUTHDBG/58 RPT=279
AUTH_Callback(1de6a54, 0, 0)
32 11/07/2002 17:24:07.180 SEV=4 AUTH/9 RPT=3
Authentication failed: Reason = Network error
handle = 38, server =
34 11/07/2002 17:24:07.180 SEV=8 AUTHDBG/2 RPT=39
AUTH_Close(38)
35 11/07/2002 17:24:07.180 SEV=8 AUTHDBG/60 RPT=285
AUTH_UnbindServer(1de6a54, 0, 0)
36 11/07/2002 17:24:07.180 SEV=9 AUTHDBG/70 RPT=285
Auth Server e3eaf4 has been unbound from ACB 1de6a54, sessions = 0
37 11/07/2002 17:24:07.180 SEV=8 AUTHDBG/10 RPT=39
AUTH_Int_FreeAuthCB(1de6a54)
38 11/07/2002 17:24:07.180 SEV=7 AUTH/13 RPT=39
Authentication session closed: handle = 38
10-24-2003 05:34 AM
Have you any idea as to why you would see Unexpected SDI status value:23 when trying to intially communicate for the first time from a Cisco VPN3000 concentrator and a RSA 5.1 AceServer. The VPN concentrator states in the logs that it is attempting to get its xxxxxx.sdi file. It then gives the SDI status error message. The RSA server does see the traffic and notes that the authentication fails
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide