000025965 - Issue with RADIUS authentication in New PIN Mode  and no RADIUS administration possible

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000025965
Applies ToAuthentication Manager 6.1.2
Sun Solaris 10
RSA RADIUS Server 6.1.2 (5.2.0.2269) is running on UNIX and administered via remote admin
IssueRADIUS administration not possible, new pin mode with RADIUS client fails.
The Manage RADIUS console does not open on the Remote Administration Client
"Radius administrative Client failed to connect to RSA RADIUS Server "
RADIUS Authentication fails for tokens in New PIN Mode only
RADIUS Authentication works fine for tokens not in New PIN Mode
CauseRADIUS secret had become corrupted.
Resolution

Regenerating the node secret for the RADIUS Server solves both issues:

You can regenerate the node secret used to authenticate communication between

the RSA Authentication Manager and RSA RADIUS Server at any time.

To regenerate a node secret:

1 Stop the RSA RADIUS service/daemon on the RADIUS server.

2 Log into the RADIUS server as root (Solaris/Linux) or administrator

(Windows).

3 Navigate to the ..RSA Radius\Service (Windows) or

/opt/rsa/radius (Solaris/Linux) directory.

4 Run the rsainstalltool (Windows) or rsaconfiguretool

(Solaris/Linux) utility with the identity option.

To regenerate the node secret for a Primary RADIUS Server, enter the

following command:

# ./rsaconfiguretool -identity PRIMARY

To regenerate the node secret for a a Replica RADIUS Server, enter the following command:

# ./rsaconfiguretool -identity REPLICA

5 Restart the RSA RADIUS service.

Notes

See also https://knowledge.rsasecurity.com/docs/rsa_securid/rsa_auth_mgr/61/rsa_radius_admin.pdf 

Legacy Article IDa39774

Attachments

    Outcomes