Article Number
000014909
Applies To
Authentication Manager Version 8
RSA RADIUS Server
Issue
Connecting to the RSA RADIUS Server using https://(name or IP):1813 seems to allow login to a blank page
A security scan shows 1813/tcp is open
Cause
The RSA RADIUS Server is a specially licensed version of Juniper Steel-Belted RADIUS 6.1. This product uses TCP/1813 for RADIUS Administration (it is not related to the RADIUS Accounting port, UDP/1813). TCP port 1813 will accept an HTTPS connection attempt, and because a blank page is displayed it may look as though the provided credentials allowed a login; however, there has been no successful login. To confirm this, look in /opt/rsa/am for the file (date).log, which will show failed authentications similar to:
01/09/2014 10:25:33 read access to URI '/' denied due to failed logon attempt
01/09/2014 10:25:46 read access to URI '/' denied due to failed logon attempt
01/09/2014 10:25:49 read access to URI '/' denied due to failed logon attempt
01/09/2014 10:25:49 read access to URI '/favicon.ico' denied due to failed logon attempt
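To check a whole log file rather than reading it by eye, the following added example (not RSA's code) tallies the denied-logon entries per URI and sets aside every line that does not match. The pattern is derived only from the sample entries above; the function name `summarize_denials` and the handling of non-matching lines are assumptions.

```python
import re
from collections import Counter

# Pattern built from the sample entries quoted in this article (assumption:
# every denied-logon entry in (date).log follows the same layout).
DENIED = re.compile(
    r"^(?P<date>\d{2}/\d{2}/\d{4}) (?P<time>\d{2}:\d{2}:\d{2}) "
    r"(?P<mode>\w+) access to URI '(?P<uri>[^']*)' "
    r"denied due to failed logon attempt\s*$"
)

def summarize_denials(lines):
    """Return (per-URI denial counts, first stamp, last stamp, unmatched lines).

    Stamps are kept as the literal text from the log, in file order.
    Lines that do not match the denial pattern are returned untouched so
    they can be reviewed by hand; this code does not interpret them.
    """
    per_uri = Counter()
    stamps = []
    unmatched = []
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        m = DENIED.match(line)
        if m:
            per_uri[m["uri"]] += 1
            stamps.append(f"{m['date']} {m['time']}")
        else:
            unmatched.append(line)
    first = stamps[0] if stamps else None
    last = stamps[-1] if stamps else None
    return per_uri, first, last, unmatched

# Constructed sample input: the four entries quoted in the article.
SAMPLE = """\
01/09/2014 10:25:33 read access to URI '/' denied due to failed logon attempt
01/09/2014 10:25:46 read access to URI '/' denied due to failed logon attempt
01/09/2014 10:25:49 read access to URI '/' denied due to failed logon attempt
01/09/2014 10:25:49 read access to URI '/favicon.ico' denied due to failed logon attempt
"""

if __name__ == "__main__":
    per_uri, first, last, unmatched = summarize_denials(SAMPLE.splitlines())
    for uri, count in per_uri.most_common():
        print(f"{count:4d} denied  {uri}")
    print(f"window: {first} .. {last}; lines needing review: {len(unmatched)}")
```

On a real system, pass the lines of the relevant (date).log file instead of `SAMPLE`; an empty review list means every entry in the file was a denied logon.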
Resolution
This is functioning as designed.
Notes
Blocking access to the port may seem like a suitable way to address the issue, but if there are, or may possibly be, any Replica servers, all servers need to be able to reach all other servers on this port. See the documentation for details.
AM-27788