Old Radius Shared Secret is still in use even after changing it in agent record from Security Console
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.6 and up
Issue
Explanation:
When changing radius shared secret, it will be updated in RSA Authentication Manager however
The old shared secret would still be used for an amount of time that can be configured using option “lifetime” in radius configuration file “dynamic-clients”.
This option is responsible on refreshing radius agents every certain time. (Default 600 seconds)
Resolution
Change “lifetime” to smaller value for IPv4. (This could be done for ipv6 if needed) > Save & Restart RADIUS Server.
For more information about “dynamic-clients” configuration file, please check the corresponding RSA Authentication Manager RADIUS Reference Guide.
Workaround:
Restarting radius service from CLI would refresh radius agent with new shared secret.
https://community.rsa.com/t5/securid-knowledge-base/how-to-stop-start-and-restart-rsa-authentication-manager-8-x/ta-p/5136
Related Articles
SecurID Access Application Portal still using old certificate after it was replaced Number of Views Radius agent uses old shared secret even after new shared secret is updated in Authentication Manager database Number of Views Information on Authentication Manager 8.x and the use of OpenSSL (old) Number of Views RSA Identity Governance & Lifecycle Attribute Change Rule for Managed Attributes with argument "Set to old value of" does … Number of Views Replaced default Web Tier certificate but old certificate is presented in RSA Authentication Manager 8.x Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
