Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 7 subscribers
  • Views 4171 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

RSA-Authentication Manager und das RADIUS-Protokoll auf der UTM 9.

Sophos User3303

DE

Guten Tag, Wir haben ein solches Problem bei der Installation von RSA-Authentication Manager und das RADIUS-Protokoll auf der UTM 9.

Die RSA-Radius Server Installation war erfolgreich installier, aber nach dem Authentifizierungstest des Benutzers wird dieser Fehler angezeigt.

EN

Good day, We have such a problem when installing RSA Authentication Manager and the RADIUS protocol on the UTM 9. The RSA-Radius Server installation was successful, but this error is displayed after the user authentication test.

User authentication live log.

2020:11:13-09:11:42 fw1-1 aua[22600]: id="3006" severity="info" sys="System" sub="auth" name="Spawned child for authentication test"
2020:11:13-09:11:42 fw1-1 aua[22600]: id="3006" severity="info" sys="System" sub="auth" name="Bind test request: radius"
2020:11:13-09:11:42 fw1-1 aua[22600]: id="3006" severity="info" sys="System" sub="auth" name="Bind test successfull. Method: radius"
2020:11:13-09:11:50 fw1-1 aua[22607]: id="3006" severity="info" sys="System" sub="auth" name="Spawned child for authentication test"
2020:11:13-09:11:50 fw1-1 aua[22607]: id="3006" severity="info" sys="System" sub="auth" name="Authentication test request: m:radius, f:endpoint, u:testrsa, ip:0.0.0.0, host:"
2020:11:13-09:11:52 fw1-1 aua[22607]: id="3006" severity="info" sys="System" sub="auth" name="failed to recv packet from radius server: bad response authenticator (EBADAUTH)"
2020:11:13-09:11:52 fw1-1 aua[22607]: id="3006" severity="info" sys="System" sub="auth" name="Authentication test failed: failed to recv packet from radius server: bad response authenticator (EBADAUTH)"

RSA SECURITY CONSOLE - Authentication Monitor

Principal authentication User “testrsa” attempted to authenticate using authenticator “SecurID_Native”. The user belongs to security domain “SystemDomain” Authentication method failed, passcode format error testrsa fw1.domene.de 99.99.99.130 99.99.99.99 N/A



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Sophos User3303

    Hello,

    the question is not about access rights, it is about the definition of the "agent" Identifier, which is one of several classes or modes that have to be defined on your RADIUS-Server. Your RADIUS-Server obviously expects a different kind of request.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to PhilippRusch

    yes that is agent. I hereby send you a screenshot of the RSA SECURITY Console when I log in through Sophos test

  • 0 in reply to Sophos User3303

    Hello,

    you should try to find out what "Agent type 7" means. Your RSA server is complaining about the syntax, so I guess you are using the wrong agent type. Additionally, the agent name has to be one of those the SG uses (see PDF-Attachment)

    Sophos SG - Authentication Servers - RADIUS.pdf

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to PhilippRusch

    Agent Type 0 = Password authentication for the Security Console, Self-Service Console and Operations Console.
    Agent Type 7 = Authentication from authentication agents (i. e., Authentication Agent for Web, PAM, Windows, Native_SecurID, Local Authentication Client, etc) and from RADIUS clients.
    Agent Type 8 = Passcode authentication for the Security Console and the Self-Service Console.

Unfiltered HTML