Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN Concentrator with RSA 2 Factor

I am wondering if anyone here has installed RSA Authentication Manager/SecurID with a VPN Concentrator ? Its doin' mi head in and i would really appreciate some assistance.

I have added the SDI Authentication Server into the VPN Concentrator however when i click on test and give it a username/password i keep getting errors which are not making sense. I have searched everywhere but cannot find anything. Arggg.

Can anyone please point me in the right direction. Below are the errors for the VPN Concentrators Log

"1 04/21/2007 15:59:48.630 SEV=5 AUTHDBG/181 RPT=4

Node secret file AC1F5555.sdi not found. Requesting node secret

file from the SDI server ...

3 04/21/2007 15:59:56.600 SEV=5 AUTH/44 RPT=19

Unexpected SDI status value: 23

4 04/21/2007 15:59:56.600 SEV=4 AUTH/15 RPT=39

Server name = 172.*.*.*, type = SDI,

group = none (global server), status = Not-in-service

6 04/21/2007 15:59:56.600 SEV=4 AUTH/9 RPT=19

Authentication failed: Reason = Network error

handle = 240, server = 172.*.*.*, user = murphyw"

2 REPLIES
Hall of Fame Super Silver

Re: VPN Concentrator with RSA 2 Factor

Wayne

I work with a concentrator which uses RSA tokens for authentication (though I was not the one who installed it). My first guess is that there is a mismatch in configuration (either your concentrator is not pointed at the correct address for the RSA server or the RSA server does not have the correct address for your concentrator). If you believe that the addresses are correct, then my second guess would be that there might be a shared key mismatch between what you configured on the concentrator and what someone configured on the RSA server. And if you believe that both the addresses and the key are correct, then my other suggestion (based on experience) would be to have the administrator on the RSA server delete the node secret for your concentrator and have it rebuilt.

Try those and let us know if it helps.

HTH

Rick

New Member

Re: VPN Concentrator with RSA 2 Factor

Did you add the VPN as an agent host in SecuriD?

383
Views
0
Helpful
2
Replies
CreatePlease to create content