RADIUS shared secret limitations of RADIUS clients configured with RSA Authentication Manager
Originally Published: 2014-10-21
Article Number
Applies To
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Issue
- Users failed to authenticate with an error in authentication activity report, either from an historical report authentication activity report in the Security Console (Reporting > Reports) or from the real time authentication activity repoirt (Reporting > Real Time Activity Monitor > Authentication Activity Monitor)
Authentication method failed, passcode format error
- The RADIUS log (available from the Operations Console under Administration > Download Troubleshooting Files) shows:
Unable to find user <user name> with matching password
- Name resolution is confirmed for both forward and reverse lookup.
Cause
Resolution
RSA Authentication Manager supports shared secrets of up to 127 alphanumeric characters, including spaces and the following special characters:
~ ! @ # $ % ^ & *( ) _ + | \ = - ' { } [ ] : " ' ; < > ? / . ,
However, not all network access devices support shared secrets of up to 127 alphanumeric characters or the above special characters.
Implement shared secrets that are fully supported by RADIUS devices in your network.
Note that some special characters that are within a secret act as Linux escape characters. For example, an exclamation point can be the first or last character in a secret, but never embedded in it.
Notes
The version of RADIUS used by Authentication Manager was changed from SBR to FreeRADIUS in Authentication Manager 8.6.
Related Articles
RADIUS Clients Number of Views Performing RADIUS authentication tests with NTRadPing to RSA Authentication Manager Number of Views Add a RADIUS Client Agent Number of Views Radius Client Authentication failed For PIN+Token profile (New PIN Mode) with Cisco Anyconnect VPN Number of Views Adding a Palo Alto RADIUS dictionary to RSA RADIUS for RSA Authentication Manager 8.x Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
Don't see what you're looking for?
