|Applies To||RSA ACE/Agent 4.4 for Windows NT (no longer supported as of 3-3-2003)|
|Issue||How to override the primary address with RSA ACE/Agent 4.4 for Windows NT|
Error: "Access Denied, bad user password"
Error: "Access Denied, PASSCODE Incorrect"
|Cause||The Primary address of the PC is used for encryption. If it does not match the IP address in the ACE/Server database the server will not be able to decrypt the user's PASSCODE or Password.|
|Resolution||The ACE/Agent allows you to specify which IP address to use irrespective of the machine's primary IP address. This is called the Address Override feature. After creating the client (or Agent Host) definition in the ACE/Server with the appropriate secondary nodes, do the following:|
1. Go to the Control Panel and open the RSA ACE/Agent applet.
2. Click on the Advanced tab.
3. Enter the IP address which represents the primary IP address as defined for the Client (or Agent Host) definition in the ACE/Server.
4. Click on Apply.
The ACE/Agent will store this address in the Registry for future use whenever making authentication requests to the ACE/Server.
Note: Different versions of the ACE/Agent have to be configured in different ways to do this. The following solutions deal with this for different versions of the ACE/Agent:
How to set an IP address override for an RSA ACE/Agent and RSA Authentication Agent
ACE/Agent 4.3 on NT or ACE/Agent 1.1 for Windows2000
|Workaround||On a multi-homed machine running NT, it is not possible to predict what the primary IP address will be when the machine is rebooted as this is dynamically allocated by the operating system on startup.|
|Legacy Article ID||a4482|