Article Content
Article Number | 000014874 |
Applies To | SecurID Appliance 3.0 Redhat Linux 5.1 RSA Authentication Manager 7.1 Cisco Wireless LAN Controller 4402 Cisco Security Services Client |
Issue | Cisco Wireless Client is not prompting for passcode using radius from Authentication Manager 7.1 Radius trace data from Authentication Manager 7.1 data indicates that the server sending the "Enter the Password" prompt instead of "Enter Passcode" prompt. Only the wireless clients using EAP-PEAP get password prompt. All other radius clients passcode prompt. The same wireless clients using EAP-PEAP get correct passcode prompt from radius server in RSA Authentication Manager 6.1 05/26/2009 10:11:08 000: 010b001d 06456e74 65722053 65637572 |.....Enter Secur| 05/26/2009 10:11:08 010: 49442050 41535343 4f44453a 20 |ID PASSCODE: | These lines are missing from Radius trace file from Auth manager 7.1 |
Cause | There is a difference in radius/peapauth.aut file between RSA Authentication Manager 6.1 and 7.1. |
Resolution | On RSA Authentication Manager 7.1, log on to Operations console ----> RADIUS ---- > Manage Existing ------- > Select Primary Radius server ---> Click on Edit Server Configuration Files Edit Peapauth.aut file PEAP_Min_Version = 0 The changes made to configuration files will not be updated on replica. Copy peapauth.aut and ttlsauth.aut files from radius directory to replica servers manually. |
Legacy Article ID | a48150 |