Cisco AnyConnect sends multiple authentication requests to RSA Authentication Manager 8.4
Originally Published: 2019-11-05
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.4
Issue
In the authentication activity monitor there are multiple authentication requests. The first one succeeds and the other ones show messages such as passcode reuse or previous tokencode used. This issue is confirmed by tcpdump at the Authentication Manager using the following commands:
- SSH to the RSA Authentication Manager instance.
- Login as rsaadmin and enter OS credentials.
- Change to the root user.
- Navigate to /usr/bin.
- Run tcpdump.
login as: rsaadmin Using keyboard-interactive authentication. Password: <enter operating system password> Last login: Mon Jan 6 17:52:35 2020 from jumphost.vcloud.local RSA Authentication Manager Installation Directory: /opt/rsa/am rsaadmin@am82p: sudo su - rsaadmin's password: <enter operating system password> am82p:~ # cd /usr/bin am82p:/usr/bin # tcpdump -i eth0 -s 1514 -Z root -w /tmp/capture.cap tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 1514 bytes
- Test authentication through the Cisco AnyConnect.
- When done, navigate to /tmp and change file permissions.
am82p:/usr/bin # cd /tmp am82p:/tmp # ls -al capture.cap -rw-r--r-- 1 root root 1618 Jan 6 19:19 capture.cap am82p:/tmp # chmod 777 capture.cap
- Copy the capture to your PC and open it using Wireshark.
- Search for a duplicate request in the packet capture.
Cause
Resolution
- Login to the Cisco ASDM.
- Browse to Configuration > Remote Access VPN > Network (Client) Access > AnyConnect Client Profile and click to Edit the appropriate profile.
- Open the Preferences (Part 2) tab, set the Authenticate Timeout to 60
Related Articles
"Invalid authentication handle" reported by the Cisco AnyConnect client when using RSA SecurID Access Cloud Authentication… Number of Views Cisco ASA - RSASecurID Access Implementation Guide Number of Views How to publish CA certificate and user certificate under the same OU ? Number of Views Cisco AnyConnect client displays a second login prompt where RSA Authentication Agent 7.2.1 for Windows is installed Number of Views Radius Client Authentication failed For PIN+Token profile (New PIN Mode) with Cisco Anyconnect VPN Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x
Don't see what you're looking for?
