000030704 - Error "Authentication Rejected: AAA failure" on Cisco ASA after Authentication Manager 8.1 license change

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000030704
Applies ToRSA Product Set: SecurID

RSA Product/Service Type: Authentication Manager

RSA Version/Condition: 8.1
Issue-Authentication fails with Cisco ASA after recent license replacement.
-Error: "Authentication Rejected: AAA failure"
-Authentication from Cisco ASA was working normally, then suddenly stopped, no recent configuration change was done.
-Authentication suddenly stops from Cisco ASA side, when testing authentication, this error message is received : Error: "Authentication Rejected: AAA failure". No logs appear on the Authentication activity monitor. 
CauseSometimes this glitch happens on AM 8.1 after installing production license. Cisco ASA would be working fine with the evaluation license installed, and after license replacement, it stops. SSH to the appliance shows all services are running normally. 
ResolutionReboot the appliance. Go to the Operations Console > Maintenance > Reboot Appliance. Wait till it comes up then try to Authenticate again, it should work normally afterwards.