000022771 - Error: 'Unexpected SDI value. #23' appears in Cisco VPN 3000 Concentrator logs

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000022771
Applies ToRSA Authentication Manager 6.1
Microsoft Windows Server 2003 SP1
Cisco VPN 3000 Concentrator
IssueError: "Unexpected SDI value. #23" appears in Cisco VPN 3000 Concentrator logs
VPN Client unable to authenticate, getting Network Error in Cisco logs
Cause

Cause 1: Authentication Engine is not started by default

Cause 2: A firewall between the Cisco VPN Concentrator and RSA Authentication Manager is blocking traffic

Cause 3: Node Secret cleared on agent but not on server  (or other Node Secret mismatch)

Resolution

Fix for Cause 1: Run RSA Authentication Manager Control Panel and ensure that all RSA Services are started

Fix for Cause 2: Open the traffic on port 5500/UDP from the Cisco VPN Concentrator to RSA Authentication Manager. For more information on which ports are used, see the solution regarding Which ports must be open on a firewall between RSA ACE/Server and ACE/Agent? 

Fix 3: Clear the Node Secrets, and do a test auth to set a new Node Secret

WorkaroundUpgrade from RSA ACE/Server 5.2 to RSA Authentication Manager 6.1
Legacy Article IDa30270

Attachments

    Outcomes