This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.

New PIN Mode and Next Tokencode Mode fail after Cisco ASA upgrade to 9.1.7 in RSA Authentication Manager 8.x

Article Number

000032866

Applies To

RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.x
Platform (Other): Cisco ASA 
O/S Version: ASA 9.1.7
 

Issue

New PIN Mode and Next Tokencode Mode always result in a failure when using Cisco clients after the recent upgrade to ASA 9.1.7.  After the upgrade:
  • Users are unable to set PINs for tokens.
  • Authentication failures when the next tokencode is entered.
The error shows on the Authentication Manager real-time activity monitor as follows: 

Passcode format error and authentication failure
On the Cisco client, the error is: 

Session operation failure processing request from agent



 

Resolution

This is Cisco bug CSCuy89425 (AAA: RSA/SDI unable to set new PIN), and it occurs with the RSA SecurID_Native protocol. 

Possible workarounds include:

  1. Switch to RADIUS protocol (as per the RSA SecurID Access Implementation Guide for the Cisco Adaptive Security Appliance (ASA)
  2. Authenticate from the Self-Service Console when a token is in New PIN Mode or Next Tokencode Mode.
For more details on how to resolve the issue for a Cisco VPN client or iPhone, review documentation for CSCuy89425 (AAA: RSA/SDI unable to set new PIN).
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2021-04-23 10:24 AM
Updated by:
Administrator Administrator

Related Content

© 2023 RSA Security LLC or its affiliates. All rights reserved.