000011563 - AM7.1: Error: AUTH_UDP_PACKET_CREATION

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000011563
Applies ToAuthentication Manager 7.1
RSA SecurID Appliance 3.0
IssueThe error in the Authentication Monitor/logs may happen right after they show a successful authentication. From the Client side, it shows Authentication failed.
Error: AUTH_UDP_PACKET_CREATION
Error: UDP Packet creation error
Cause

Several possible causes found in a particular case, it is currently unclear which combination of problems is the root cause: 

User Alias issue (see Primus A42385)

Node Secret mismatch,  System hardening or directory permissions prevent the Node Secret from being written

Node secret mismatch, manually created Node Secret

Bad name resolution, and misconfigured sdconf.rec file

Offline Auth/PW integration is enabled in an environment with NAT, or bad name resolution, especially with a bad sdconf.rec file.

Resolution

Fix server names and name resolution for both the agent and the servers. Make sure Alternate Ip Address (for the servers) is properly configured. Rebalance servers. Make a new sdconf.rec file and supply it to the agent, and delete sdstatus.12 .

If the Node secret was not written to the agent, especially if the Server indicates the node secret was sent, check permissions on the directory where the node secret should have been written. Consider temporarily removing system hardening.

Set the Agent's RSA Authentication Agent Offline Local service to Manual. Clear any existing Node Secrets at both ends, and test auth.

Legacy Article IDa46734

Attachments

    Outcomes