|Applies To||RSA Authentication Agent for Windows 6.1|
NAT (Network Address Translation) being performed for the Windows Agent
|Issue||How to configure Windows Agent v6.1 which has an external and internal IP address|
Error: "Access Denied, bad user password"
Error: "Access Denied, PASSCODE Incorrect"
|Cause||The IP address of the PC is used for encryption. If it does not match the IP address in the Authentication Manager database, the Authentication Manager will not be able to decrypt the user's PASSCODE or Password.|
The Agent allows you to specify which IP address to use irrespective of the machine's primary IP address. This is called the IP Address Override feature. After creating the client (or Agent Host) definition in Authentication Manager do the following as a Windows administrator:
The ACE/Agent will store this address in the Registry for future use whenever making authentication requests to the ACE/Server.
How to override the primary address with RSA ACE/Agent 4.4 for Windows NT
|Workaround||NAT Firewall changes the IP address for the Windows Agent machine. Authentication Manager server sees the 'external' IP address for the Agent.|
|Legacy Article ID||a35754|