|Resolution||In the following scenario, test if the RSA Authentication Manager can receive UDP packets on port 5500. UDP 5500 is the default port and protocol that is used for agent authentication for RSA. The port number and the protocol can both be changed.|
- SSH or directly access a Linux machine (which may have the client on it) that can reach the RSA Authentication Manager server.
- Run the command echo "This is my data" > /dev/udp/<IP address>/<port> on the Linux machine. Be sure to change the IP address in the command to your RSA Authentication Manager IP address and change 5500 to the port being tested. For example,
echo "This is my data" > /dev/udp/192.168.231.5/5500
During Quick Setup, another username may have been selected. Use that username to log in.
- Launch an SSH client, such as PuTTY.
- Log in to the primary RSA Authentication Manager server as rsaadmin and enter the operating system password.
login as: rsaadmin
Using keyboard-interactive authentication.
Password:<enter operating system password>
Last login: Tue May 12 21:39:41 2020 from 192.168.231.1
RSA Authentication Manager Installation Directory: /opt/rsa/am
- Elevate privileges to root to run tcpdump.
- On the RSA Authentication Manager side, capture all traffic coming on port 5500 using the command tcpdump -i eth0 -n -vv -s 0 port 5500 and host <IP address>.
- After starting the tcpdump with the correct IP address for the agent, run the echo command from step 2:
rsaadmin@am82sp1:~> sudo su -
rsaadmin's password: <enter operating system password>
am82sp1:~ # tcpdump -i eth0 -n -vv -s 0 port 5500 and host 192.168.231.192
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
17:01:25.296635 IP (tos 0x0, ttl 64, id 31186, offset 0, flags [DF], proto UDP (17), length 44)
192.168.231.192.41668 > 192.168.231.5.5500: [udp sum ok] UDP, length 16
This shows that the RSA Authentication Manager server received the UDP packets.