Connecting to the RSA RADIUS Server using https://(name or IP):1813 seems to allow login to a blank page
Originally Published: 2014-01-09
Article Number
000040478
Applies To
Authentication Manager Version 8

RSA RADIUS Server

Issue
Connecting to the RSA RADIUS Server using https://(name or IP):1813 seems to allow login to a blank page

A security scan shows 1813/tcp is open

Cause
The RSA RADIUS Server is a specially licensed version of Juniper Steel-Belted RADIUS 6.1. This product uses TCP/1813 for RADIUS Administration (it is not related to the RADIUS Accounting port, UDP/1813). TCP port 1813 will accept an HTTPS connection attempt, and because a blank page is displayed it may look as if the provided credentials allowed a login; however, no login has succeeded. To confirm this, look in /opt/rsa/am for the file (date).log, which will show failed authentications similar to:
 
01/09/2014 10:25:33 read access to URI '/' denied due to failed logon attempt
01/09/2014 10:25:46 read access to URI '/' denied due to failed logon attempt
01/09/2014 10:25:49 read access to URI '/' denied due to failed logon attempt
01/09/2014 10:25:49 read access to URI '/favicon.ico' denied due to failed logon attempt
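
The following is an added example, not part of the original RSA article: it summarizes the denied requests in a (date).log file using the line format shown in the excerpt above, and sets aside any line in another format for manual review. The function name, the last sample line, and the MM/DD/YYYY reading of the date are assumptions.

```python
import re
from collections import Counter
from datetime import datetime

# Line format copied from the log excerpt in the article; the date is read
# as MM/DD/YYYY (assumption, consistent with the 2014-01-09 publish date).
DENIED_RE = re.compile(
    r"^(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}) (\w+) access to URI '([^']*)' "
    r"denied due to failed logon attempt$"
)

# First four lines are the article's excerpt; the last line is constructed
# to show how lines in any other format are handled.
SAMPLE_LOG = """\
01/09/2014 10:25:33 read access to URI '/' denied due to failed logon attempt
01/09/2014 10:25:46 read access to URI '/' denied due to failed logon attempt
01/09/2014 10:25:49 read access to URI '/' denied due to failed logon attempt
01/09/2014 10:25:49 read access to URI '/favicon.ico' denied due to failed logon attempt
01/09/2014 10:26:02 constructed line in another format
"""


def summarize_denials(log_text):
    """Count denied requests per URI and collect lines needing manual review."""
    denied, unmatched = [], []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = DENIED_RE.match(line)
        if m is None:
            unmatched.append(line)  # not a denial: never assume it is benign
            continue
        when = datetime.strptime(m.group(1), "%m/%d/%Y %H:%M:%S")
        denied.append((when, m.group(2), m.group(3)))
    times = [when for when, _, _ in denied]
    return {
        "denied": len(denied),
        "by_uri": dict(Counter(uri for _, _, uri in denied)),
        "first": min(times) if times else None,
        "last": max(times) if times else None,
        "unmatched": unmatched,
    }


if __name__ == "__main__":
    for key, value in summarize_denials(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```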

Resolution
This is functioning as designed.

Notes
Blocking access to the port may seem like a suitable way to address the issue, but if there are, or may possibly be, any Replica servers, all servers need to be able to reach all other servers on this port. See the documentation for details.

AM-27788