- Users failed to authenticate with an error in authentication activity report, either from an historical report authentication activity report in the Security Console (Reporting > Reports) or from the real time authentication activity repoirt (Reporting > Real Time Activity Monitor > Authentication Activity Monitor)
Authentication method failed, passcode format error
- The RADIUS log (available from the Operations Console under Administration > Download Troubleshooting Files) shows:
Unable to find user <user name> with matching password
- Name resolution is confirmed for both forward and reverse lookup.
RADIUS client devices have some limitations for shared secrets.
Do not use special characters like dollar sign ($) for RADIUS shared secrets.
RSA Authentication Manager supports shared secrets of up to 127 alphanumeric characters, including spaces and the following special characters:
~ ! @ # $ % ^ & *( ) _ + | \ = - ' { } [ ] : " ' ; < > ? / . ,
However, not all network access devices support shared secrets of up to 127 alphanumeric characters or the above special characters.
Implement shared secrets that are fully supported by RADIUS devices in your network.
Note that some special characters that are
within a secret act as Linux escape characters. For example, an exclamation point can be the first or last character in a secret, but never embedded in it.
Please refer to an external
RADIUS Overview document from Juniper Networks that includes details on RADIUS shared secrets.