AnsweredAssumed Answered

AnyConnect VPN Authentication Failure

Question asked by Bryan Decker on Sep 1, 2017
Latest reply on Sep 13, 2017 by Erica Chalfin

I am having some trouble with a new setup for Cisco ASA AnyConnect Authentication. We are running 9.6(3) on our ASA, with Authentication Manager v. 8.2.

 

We pulled our AD structure in for our user source, and they are currently in SystemDomain by default. When I try to use the SecurID soft token with my pin to generate a passcode for AnyConnect, the monitor reports:

 

 

User "username" attempted to authenticate using authenticator "SecurID_Native". The user belongs to security domain "SystemDomain".

 

This says to me I haven't tied those two items (the authenticator and the security domain) together somehow. What have I missed?

 

Here is the full output from the console:

----------

Date & Time: 2017-09-01 15:44:21.934
Log Level: ERROR
Activity Key: Principal authentication
Description: User “bdecker” attempted to authenticate using authenticator “SecurID_Native”. The user belongs to security domain “SystemDomain”
Action Result Key: Failure
Result Key: AUTHN_METHOD_FAILED
Result: Authentication method failed
User ID: username
User First Name: Bryan
User Last Name: Decker
User Security Domain: SystemDomain
User Identity Source Name: Non GC Active Directory
Agent Type: 7
Agent Name: 10.1.0.1
Agent IP: 10.1.0.1
Agent Security Domain: SystemDomain
Authentication Method: SecurID_Native
Policy Expression: N/A
Argument 1: AUTHN_LOGIN_EVENT
Argument 2: 5
Argument 3: 1
Argument 4: N/A
Argument 5: N/A
Argument 6: N/A
Argument 7: N/A
Argument 8: N/A
Argument 9: N/A
Argument 10: N/A
Instance Name: blooper.stc.corp
Client IPv4: 10.1.0.1
Client IPv6: N/A
Server Node IP: 10.21.0.13
Additional Information: N/A
Actor GUID: 5e47325d0d00150a3cabfc244caa677d
Session ID: b79a3e020d00150a33c0c55e3898d8eb-zrEx2kzqbYug
Agent GUID: a0e2bd7b0d00150a2d58be1fd560731f

Outcomes