000012230 - Replica RADIUS not accepting authentication requests in RSA Authentication Manager 8.0

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000012230
Applies ToRSA Authentication Manager 8.0
RSA Authentication Manager 8.1
Replica RADIUS server.
Replica server has correct IP address and FQDN and is fully resolvable.
IssueHow to Fix the RADIUS configuration on a replica AM 8.0 or AM 8.1 Appliance.
RADIUS does not authenticate.
RADIUS not authenticating.
sbrepsetuptool.log WARNING: Failed to resolve FQDN.
Failed to initialize communications for SecurID authentication (result = 23).
Unable to find user <username> with matching password.
CauseThe replica Authentication Manager server was configured before DNS was properly configured for the replica.  This causes the sbrsetup tool to fail the lookup of the replica server on the primary.

To resolve:

On the problem replica server (NOTE: Some of these commands begin with the characters "./"):

1. Establish an ssh session as the user "rsaadmin"

2. cd /opt/rsa/am/server 

3. ./rsaserv stop radius 

4. ./rsaserv stop radiusoc 

5. cd ../radius 

6. ./sbrsetuptool -identity REPLICA 

7. cd ../server 

8. ./rsaserv start radius 

9. ./rsaserv start radiusoc 

Legacy Article IDa65370