000022423 - Error: 'Access Denied  syntax error' appears in RSA ACE/Server log monitor after changing encryption keys on the ACE/Server and Network Access Server (NAS) device

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022423
Applies ToRSA ACE/Server 5.0.1 (no longer supported as of 8-15-2004)
RSA ACE/Server 5.2
RSA Authentication Manager 6.0
Microsoft Windows
UNIX (AIX, HP-UX, Solaris)
IssueError: "Access Denied, syntax error" appears in RSA ACE/Server log monitor after changing encryption keys on the ACE/Server and Network Access Server (NAS) device
Error: "Access Denied, syntax error"
Authentication is successful using the previous encryption key on the NAS device
CauseRADIUS daemon requires restarting before new encryption keys take effect
ResolutionThis behavior is functioning as it was designed to.  You can change the RADIUS behavior and avoid restarting of the RADIUS daemon, hence the new encryption key applies immediately by changing the RADIUS configuration and disabling Cache.  The RADIUS Configuration Utility provides a way to disable Cache.  For Windows NT/2000, this parameter defined in Cache tab.  For UNIX systems, the Configuration Utility is rtconfig, located by default in
the ../ace/prog directory.

Full details on the RADIUS Configuration Utility can be found on page 289 of the "RSA ACE/Server 5.0 Administration Manual" document.
Legacy Article IDa10062