RADIUS Authentication Fails on an Authentication Manager Instance
a year ago
Article Number
000073018
Applies To

RSA Product Set:  SecurID
RSA Product/Service Type:  RSA Authentication Manager
RSA Version/Condition:  8.7 / 8.7 SP1 / 8.7 SP2
Platform: Linux

Issue

RADIUS authentication fails on an Authentication Manager instance. 

 

RADIUS client receives an 'Access-Reject' response to the RADIUS authentication.

 

Real-time authentication activity reports an authentication activity event. 

 - Activity: 'Authentication agent access check'

 - Reason: 'Authentication agent disabled'

 

For example:

Cause

The Authentication Manager instance authentication agent record was found to be disabled.

 

For example:

Resolution

Enabled the Authentication Manager instance by editing the authentication agent record.

 

Primary instance Security Console > Access > Authentication Agents > Manager Existing > left-click the hostname for the replica instance in the Authentication Agent column > Edituncheck 'Agent is disabled' > Save.

 

For example:

Notes

To open a real-time authentication activity monitor : Security Console > Reporting > Real-time Activity Monitors > Authentication Activity Monitor > as required, update monitor parameters ( e.g. Display Results, Number of Results, User ID, Authentication Agent, Token Serial Number or Server Node ) > Start Monitor

 

Consider the following where this article issue does not match the symptom you are experiencing:

 

1/ Enable RSA RADIUS debug and review the RSA RADIUS log file (/opt/rsa/am/radius/radius.log)

 - Article 000044158 - Enable RADIUS debug/verbose logs with all versions of RSA Authentication Manager 8.x at URL https://community.rsa.com/s/article/Enable-RADIUS-debug-verbose-logs-with-all-versions-of-RSA-Authentication-Manager-8-x.

 

2/ Use a test RADIUS client to send RADIUS authentications to RSA Authentication Manager.

 - Article 000040483 - Performing RADIUS authentication tests with NTRadPing to RSA Authentication Manager at URL https://community.rsa.com/s/article/Performing-RADIUS-authentication-tests-with-NTRadPing-to-RSA-Authentication-Manager

 

3/ Open a case with RSA Customer Support.

 - Information for contacting RSA Customer Support is available at URL https://community.rsa.com/s/news/how-to-contact-rsa-support-MCXZ5QDM4ZQZATLL3Y6NMQVUNYWE

Don't see what you're looking for?