|Applies To||Check Point Firewall|
RSA ACE/Server 5.0.1 (no longer supported as of 8-15-2004)
Local test authentication works correctly
|Issue||Error: "Not acting server for this agent" appears in RSA ACE/Server activity log when SecurID authentication is tried (if RSA ACE/Agent is installed on any client machine, e.g. web servers, Windows or UNIX Agents)|
Added Check Point firewall as Agent host, generated configuration file, and copied file to firewall
|Cause||The name of the ACE/Server in replica table does not match with the name of acting master server in ACE/Server configuration management.|
|Resolution||The hostname of Acting Master in ACE/Server configuration should be changed to match the replica table.|
a. On UNIX ACE/Server:
./sdrepmgmt list | more
Verify the hostname of the primary server in replica table.
Compare the primary server name in ./sdinfo acting master server field.
If the name does not match, edit the etc/hosts file. Add the hostname identical to the name in replica table.
Run ./sdsetup -config
Stop and Start the ACE/Server
Run ./sdinfo | more
Verify the name is matching with the hostname in replica table
b. On NT ACE/Server:
Start -->run -->cmd -->cd \ace\prog
sdrepmgmt list | more
Verify the hostname of the primary server.
Compare the primary server name in ACE/Server configuration Management in the acting master server field.
If the name does not match, edit the Winnt/system32/drivers/etc/hosts file.
Add the IP address and hostname identical to the name in replica table.
Edit the ACE/Server Configuration Management.
|Legacy Article ID||a6049|