RADIUS shared secret limitations of RADIUS clients configured with RSA Authentication Manager
Originally Published: 2014-10-21
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Issue
- Users failed to authenticate with an error in authentication activity report, either from an historical report authentication activity report in the Security Console (Reporting > Reports) or from the real time authentication activity repoirt (Reporting > Real Time Activity Monitor > Authentication Activity Monitor)
Authentication method failed, passcode format error
- The RADIUS log (available from the Operations Console under Administration > Download Troubleshooting Files) shows:
Unable to find user <user name> with matching password
- Name resolution is confirmed for both forward and reverse lookup.
Cause
Resolution
RSA Authentication Manager supports shared secrets of up to 127 alphanumeric characters, including spaces and the following special characters:
~ ! @ # $ % ^ & *( ) _ + | \ = - ' { } [ ] : " ' ; < > ? / . ,
However, not all network access devices support shared secrets of up to 127 alphanumeric characters or the above special characters.
Implement shared secrets that are fully supported by RADIUS devices in your network.
Note that some special characters that are within a secret act as Linux escape characters. For example, an exclamation point can be the first or last character in a secret, but never embedded in it.
Notes
The version of RADIUS used by Authentication Manager was changed from SBR to FreeRADIUS in Authentication Manager 8.6.
Related Articles
RADIUS Clients Number of Views Troubleshooting RSA Authentication Manager 8.1 native SecurID and RADIUS authentication issues Number of Views Performing RADIUS authentication tests with NTRadPing to RSA Authentication Manager Number of Views "Invalid authentication handle" reported by the Cisco AnyConnect client when using RSA SecurID Access Cloud Authentication… Number of Views Radius Client Authentication failed For PIN+Token profile (New PIN Mode) with Cisco Anyconnect VPN Number of Views
Trending Articles
RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA Authentication Manager 8.9 Release Notes (January 2026) How to install the jTDS JDBC driver on WildFly for use with Data Collections in RSA Identity Governance & Lifecycle RSA Authentication Manager 8.8 Setup and Configuration Guide Artifacts to gather in RSA Identity Governance & Lifecycle
Don't see what you're looking for?
