Article Content
Article Number | 000014909 |
Applies To | Authentication Manager Version 8 RSA RADIUS Server |
Issue | Connecting to the RSA RADIUS Server using https://(name or IP):1813 seems to allow login to a blank page A security scan shows 1813/tcp is open |
Cause | The RSA RADIUS Server is a specially licensed version of Juniper Steel-Belted RADIUS 6.1 . This product uses TCP/1813 for RADIUS Administration (it is not related to the RADIUS Accounting port UDP/1813). TCP Port 1813 will accept a https connection attempt, and it may look like the provided credentials have allowed a login because a blank page is displayed, however there has been no successful login. This can be confirmed by looking in /opt/rsa/am for the file (date).log , it will show failed authentications similar to: 01/09/2014 10:25:33 read access to URI '/' denied due to failed logon attempt 01/09/2014 10:25:46 read access to URI '/' denied due to failed logon attempt 01/09/2014 10:25:49 read access to URI '/' denied due to failed logon attempt 01/09/2014 10:25:49 read access to URI '/favicon.ico' denied due to failed logon attempt |
Resolution | This is functioning as designed. |
Notes | Blocking access to the port may seem like a suitable way to address the issue, but if there are , or may possibly be any Replica servers, all servers need to be able to reach all other servers on thisport, see the documentation for details. AM-27788 |
Legacy Article ID | a63654 |