000019341 - RSA ACE/Server RADIUS authentication fails when coming from Cisco Router

Document created by RSA Customer Support Employee on Jun 15, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000019341
Applies ToRSA ACE/Server 5.0.1 (no longer supported as of 8-15-2004)
RSA ACE/Server 5.0.2 (no longer supported as of 8-15-2004)
Microsoft Windows 2000
Cisco Router
RADIUS authentication against RSA ACE/Server RADIUS
IssueRSA ACE/Server RADIUS authentication fails when coming from Cisco Router
Error: "Access Denied, PASSCODE incorrect" when authenticating to RSA ACE/Server using a Token
Error: "Access Denied, bad user password" when authenticating to RSA ACE/Server using a static password
Successful authentication when authenticating using a Radius Test utility (i.e. NTRadPing)
CauseNo Secret key has been set on the Router or in the Agent Host definition for the ACE/Server (Primary and Replicas, if any)
ResolutionTo resolve the problem, set a secret key on the Router and on the Agent host definition for the ACE/Server (Agent Host -> Edit Agent Host -> Select the ACE/Server -> Assign/Change Encryption Key).

Note that the Secret Key has to match on the ACE/Server and on the Router.
Legacy Article IDa9114

Attachments

    Outcomes