RSA authentication fails only on inital log on page.
I am currently unable to authenticate users from the GINA page of the VMs that users are using.
I can test authentication fine from the RSA console once I log in as an admin but when I try from the initial log on page of their VMs, the Authentication manager does not even log a failure in the monitor.
Any advise would be greatly appreciated.
- Auth Agent
- Auth Manager
- Authentication Agent
- Authentication Failure
- Authentication Manager
- Community Thread
- Forum Thread
- RSA SecurID
- RSA SecurID Access
If the Authentication Requests are not showing up in the Real Time Monitor on the AM server, I'd check Agent Challenge settings first; in the RSA Control Center
If user not challenged, the Auth request goes to Windows or AD.
If user appears to be challenged, then set verbose logging on the agent in RSA Control Center and read the Auth log after the failure
Thanks for the information.
I checked those and they are all set as follows:
Challenge User option is checked to challenge all users except the domain admins and I checked all options under Tracing (also set Trace Levele to Verbose) but I still do not even get a failure log in the Activity Monitor.
We have been using this for months now and not sure why it started to have this issue.
It might be worth opening a support case to have your agent logs looked at.
The Authentication requests from a Windows Agent will be sent to UDP port 5500 on either the Primary or Replica(s), so you might need to check for Firewall changes blocking this.
If the firewall was allowing UDP 5500 port traffic through from your agent, the Server Environment status in the RSA Control Center should show your Primary and or replica, and if they are there you can see their IP addresses, so you could verify if they are correct (so that agent not sending to the wrong AM server due to old or incorrect sdconf.rec file)