AnsweredAssumed Answered

Windows MFA Agent 2.0.1

Question asked by Hassan Mehsen on Oct 4, 2020

Dears,

 

We are trying to deploy MFA agent 2.0.1 for Windows which we are facing a very weird problem on few workstations,

 

The issue is that , after configuring the GPO parameters on the local workstation to push the authentication to CAS,  the RSA test tool is showing "Unsuccessful connection to RSA SecurID Access"

 

We have went through the following:-

  • In the GPO policy "RSA SecurID Authentication API REST URL," confirm that the value uses the following format: https://<hostname>:port/ where hostname is the Authentication Service Domain specified in the Cloud Administration Console or the Fully Qualified Domain Name specified in the Authentication Manager Operations Console. For Authentication Manager, you can enter up to 15 commaseparated URLs.
  • In the GPO policy "RSA SecurID Authentication API REST URL," confirm that the value exactly matches the key specified in the Cloud Administration Console or the Authentication Manager Security Console.
  • Confirm that the computer has internet connectivity and can access the RSA SecurID Authentication API REST URL.
  • l Ensure that the root CA certificate for Authentication Manager is installed properly in the Trusted Root Certification Authorities folder in the local machine context.

Which is already mentioned under the MFA agent 2.0.1 installation guide.

 

We have also took a Wireshark capture from the workstation itself filtering on the URL being used as the authentication server on the GPO parameters, which didnt show any packets going to this URL when pushing an authentication from the workstation using the RSA tool.

 

Enabled the verbose logging on the MFA agent which showed  the following error:-

2020-09-15 05:33:51.822 15580.1 [E] [RSA.Authentication.Connection.ConnectionHandler.GetConnection] No Servers Available for Authentication.

 

 

We have whitelisted the MFA agent from the endpoint protection software on the workstation itself unfortunately it didn't worked.

 

I have opened a case with RSA support team and till now no one is able to tell us what is happening on those workstations.

 

Our workstation is running Windows 10 latest patches and updates.

 

Anyone can help on this.

 

Thanks.

Outcomes