000022178 - Cisco VPN 3005 authenticates to RSA ACE/Server on the first try  but does not store the node secret

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022178
Applies ToCisco VPN Concentrator
Cisco VPN 3000
Cisco VPN 3005
RSA ACE/Server 5.2 
RSA Authentication Manager 6.0
IssueCisco VPN 3005 authenticates to RSA ACE/Server on the first try, but does not store the node secret
RSA ACE/Server log: First authentication looks normal with passcode accepted and node secret sent; the second authentication fails with error: "Node verification failed"
Node secret is never stored on the Cisco VPN
CauseThe default timeout for the sdi server on the Cisco was 1 second
ResolutionTo correct this issue, increase the timeout to 8 seconds.
Legacy Article IDa27211

Attachments

    Outcomes