cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1733
Views
0
Helpful
5
Replies

sdi authentication with 3030 concentrator os version 3.5.3

jwanker
Beginner
Beginner

i am using 2 3030 concentrators doing native sdi authentication. os version 3.5.3. randomly, users will get authentication failures. i see a message in the log that the sdi server is unspecified, when in fact, it is working....other users are getting authenticated and i can ping the sdi server at the time of the failure.

5 Replies 5

paqiu
Beginner
Beginner

I have done some search in our database for your issue. I could not find any known issues with SDI authentication.

Are you using Security ID server? Is that server right behind the 3030 or several hops away.

Would you please adjust the authentication server timeout settings in the 3030 from default 3 secondsto 30 seconds see any improve ?

yes, there are a few hops between the vpn box and the sdi server. i will increase the time out to 30 seconds and see what happens. thanks.

i tried this and still get the same results.

michael.arthur
Beginner
Beginner

I've had the same problem, and in each case (without exception) the problem has been user related. They had input either the wrong passcode, wrong pin, just the pin, just the code, yada yada. Even though it's tough to tell the users that they're putting in the wrong passcode, I'll bet that a review of the SDI logs will confirm it. The other thing to check is that your SDI server has a really accurate time reference - drift is bad in the RSA's world. If you're running on a WinTel box, check out analogx.com for a nice time sync program that's free. Best of luck.

thanks for the response. unfortunately, this happens when a correct pin and passcode is entered. we are going to look at the time synchronization.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers