000020456 - Cisco VPN Client 5.0 fails New Pin Mode and Next Tokencode Mode with Cisco 3000 concentrater and Cisco ASA

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000020456
Applies ToCisco VPN 3000 Concentrator
Cisco VPN Client
RSA ACE/Server
Cisco ASA 5500 series VPN / firewall / router
IssueCisco VPN Client fails New Pin Mode and Next Tokencode Mode
New Pin Mode Authentication Fails on Cisco VPN Client. worked in previous version.
The Token Code  is entered correctly through the CISCO VPN Client v5.x for a user requesting SecurID authentication for the first time. However, when a  New PASSCODE is required prompting does not work or when (PIN + Tokencode) is entered, the user fails authentication.
CauseThis has been identified by Cisco as bug ID CSCsj23555 for the Cisco VPN client 5.0.

RSA Security has qualified CISCO VPN Client 3.x, 4.6, & 4.8 versions for CISCO 3000 VPN Concentrator for SecurID usage through our Partner Program with CISCO. Problems experienced with CISCO VPN Client 4.x upgrades other than 4.6 & 4.8 that have problems or later versions (I.E. 5.x) must be reported to the CISCO Technical Assistance Center (TAC). CISCO recommends upgrading to VPN client 5.0.05 or higher.
Please refer CISCO hardware and software support requests go to the CISCO Technical Assistance Center (TAC). Contact information is available on CISCO's web site at http://www.cisco.com/en/US/support/index.html.

NOTE: If you are using Cisco ASA, note that certain IOS versions may also cause problems with New Pin Mode. Refer to solution Cannot set new PIN with Cisco ASA (Adaptive Security Appliances)

Legacy Article IDa16998