We received a "413 authentication failed" message from the Cisco VPN client after entering the TOKENCODE. The authentication activity report is below. What should we do?
Log Level: ERROR
Activity Key: Principal authentication
Description: User “test.user1” attempted to authenticate using authenticator “OnDemand”. The user belongs to security domain “SystemDomain”
Action Result Key: Failure
Result Key: AUTHN_METHOD_FAILED
Result: Authentication method failed
User ID: test.user1
User Security Domain: SystemDomain
User Identity Source: PharmavisionAd
Agent Type: 7
Agent Name: asa
Agent IP: 172.17.0.1
Agent Security Domain: SystemDomain
Authentication Method: OnDemand
Policy Expression: AUTHN_LOGIN_EVENT
Argument 1: 5
Argument 2: 1
Argument 3:
Argument 4:
Argument 5:
Argument 6:
Argument 7:
Argument 8: aba8d3ac020111ac125b7ef9f503cacb
Argument 9: <cell phone number>
Argument 10:
Instance Name: istsrdc200.local
Client IP: 172.17.0.1
Server Node IP: 172.17.1.26
More Arguments:
Actor GUID: ab7f7688020111ac11f408a728855658
Session ID: 16ca08961a0111ac0173c5b88d4ee364-wnxHs2TwiFDa
Agent GUID: ab87dcad020111ac1298dc79d74e7065
A case was opened by RSA. They checked and couldn't find any problems in the system, and they advised us to check whether the ASA had changed.
Our ASA software has been updated recently. We realized that the problem began after this. The new version of the ASA software is causing a communication problem with RSA via the SDI protocol. This finding has not been confirmed yet by Cisco. We changed the configuration by configuring RADIUS instead of SDI, and then it began to work properly.