000018945 - How to override the primary address with RSA ACE/Agent 4.4 for Windows NT

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000018945
Applies ToRSA ACE/Agent 4.4 for Windows NT (no longer supported as of 3-3-2003)
IssueHow to override the primary address with RSA ACE/Agent 4.4 for Windows NT
Error: "Access Denied, bad user password"
Error: "Access Denied, PASSCODE Incorrect"
CauseThe Primary address of the PC is used for encryption.  If it does not match the IP address in the ACE/Server database the server will not be able to decrypt the user's PASSCODE or Password.
ResolutionThe ACE/Agent allows you to specify which IP address to use irrespective of the machine's primary IP address. This is called the Address Override feature. After creating the client (or Agent Host) definition in the ACE/Server with the appropriate secondary nodes, do the following:

1. Go to the Control Panel and open the RSA ACE/Agent applet.
2. Click on the Advanced tab.
3. Enter the IP address which represents the primary IP address as defined for the Client (or Agent Host) definition in the ACE/Server.
4. Click on Apply.

The ACE/Agent will store this address in the Registry for future use whenever making authentication requests to the ACE/Server.

Note: Different versions of the ACE/Agent have to be configured in different ways to do this. The following solutions deal with this for different versions of the ACE/Agent:

How to set an IP address override for an RSA ACE/Agent and RSA Authentication Agent

ACE/Agent 4.3 on NT or ACE/Agent 1.1 for Windows2000
WorkaroundOn a multi-homed machine running NT, it is not possible to predict what the primary IP address will be when the machine is rebooted as this is dynamically allocated by the operating system on startup.
Legacy Article IDa4482

Attachments

    Outcomes