000018638 - Firewall authentication causes 'Node verification failed'

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000018638
Applies ToCheck Point Firewall-1
Sun Solaris 2.6
RSA ACE/Agent installed on the firewall
IssueFirewall authentication causes "Node verification failed"
SecurID authentication using sdshell on the firewall works
Error: "Node verification failed" in ACE/Server activity monitor when authenticating using firewall
CauseAgent installation creates ace/data directory on the firewall. The node secret is created in the ace/data by authentication using sdshell. Firewall authentication needs a securid file in var/ace.
ResolutionA symbolic link should be created between var/ace and ace/data.

    ln -s <PATH>ace/data /var/ace

Workaround: Copy the securid file from ace/data to var/ace directory. But in this case securid file must be updated in var/ace directory each time the file is newly created in ace/data.

For additional information on Check Point configuration See also the Firewall Implemetation Guides.
Legacy Article IDa2247