Integrate Citrix NetScaler with RSA Authentication Manager 8.x
2 years ago
Originally Published: 2019-12-18
Article Number
000043078
Applies To
RSA Product Set: RSA SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Issue
The RSA RADIUS log file is reporting the following message:
 
Truncated request (8 bytes) received from n.n.n.n, ignoring authentication request

 
Cause
These messages in the RSA RADIUS log file are a result of a RADIUS service monitor in the Citrix NetScaler polling the RSA RADIUS Authentication Manager instance. 
Resolution
See the Citrix documentation to correctly configure the RADIUS service monitor or disable the service health monitor in the Citrix NetScaler.

Learn more about Citrix NetScaler RADIUS monitoring information.
Notes
Download the Citrix Systems NetScaler Gateway RSA SecurID Access Implementation Guide.

Testing the RADIUS connection from the Citrix NetScaler

  1. Go to the NetScaler Gateway.
  2. Select Policies > Authentication > RADIUS > Servers.
  3. Open Server Properties.
  4. Select Test Connection.
User-added image
  1. With the following command using the CLI shell nstcpdump.sh -c 100 host 10.y.y.y you see the following log entries:
13:01:46.139063 IP 10.x.x.x.31191 > 10.y.y.y.1812: RADIUS, Access-Request (1), id: 0xe2 length: 50
13:01:46.139075 IP 10.x.x.x.53765 > 10.y.y.y.1812: RADIUS, Access-Request (1), id: 0xe2 length: 50
13:01:46.146058 IP 10.y.y.y.1812 > 10.x.x.x.53765: RADIUS, Access-Reject (3), id: 0xe2 length: 20
13:01:46.146062 IP 10.y.y.y.1812 > 10.x.x.x.31191: RADIUS, Access-Reject (3), id: 0xe2 length: 20

These are desired results. They show the Citrix NetScaler is sending an empty/invalid RADIUS authentication request in test, hence the Access-Reject.

Related Articles

Trending Articles

Don't see what you're looking for?