RSA SecurID

Hello, I have a strange problem on my system with RSA authentication interfaced to a Cisco ASA \ Cisco ACS. When I try to connect with a VPN connection, I receive a Next Passcode request and I must re-enter the key code to connect successfully. From the logs it is clear that users do not have a wrong password. Can it be a synchronization problem due to the stick, or is it normal behavior? Thank you! Marco

m.bergonzoni

Hi, this sounds like the time may be out of sync on your devices. I would also try to sync the token through the RSA agent as well and see if that helps the problem.

Flamer.

die.spam

Sounds like the server is not synced to an external time source. If the time on the server is not kept accurate to UTC using NTP then it will not keep in sync with the RSA tokens. The server keeps track of how slow/fast the time is running on the tokens and adjusts for it, but if the server's time is not constant (runs slow then fast) then the RSA software on the server can't calculate the drift on each of the tokens correctly and you will constantly get Next Passcode. The clocks on servers and PCs are notoriously bad and oscillate quite a bit, and external synchronization via NTP is required on an RSA server.

Thrill5
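
The drift-tracking behaviour described in the post above, as an added example that is not part of the original thread and is not RSA's actual algorithm. It is a simplified model: the 60-second step, the window sizes and all function names are assumptions chosen for illustration.

```python
STEP = 60      # seconds per tokencode (assumed)
ACCEPT = 1     # intervals accepted silently around the expected one (assumed)
RESYNC = 10    # wider window that triggers a Next Passcode prompt (assumed)

def authenticate(server_time, token_time, state):
    """Return 'ok', 'next_passcode' or 'reject' and update the stored offset."""
    expected = server_time // STEP + state["offset"]  # interval the server expects
    seen = token_time // STEP                         # interval of the code typed
    delta = seen - expected
    if abs(delta) <= ACCEPT:
        result = "ok"
    elif abs(delta) <= RESYNC:
        result = "next_passcode"   # server asks for the following code to confirm
    else:
        return "reject"
    state["offset"] += delta       # remember this token's apparent drift
    return result

def simulate(server_error, days=10, token_drift_per_day=3):
    """One login per day; server_error(day) is the server clock error in seconds."""
    state = {"offset": 0}
    results = []
    for day in range(1, days + 1):
        true_time = day * 86400
        token_time = true_time + day * token_drift_per_day  # slow, steady drift
        server_time = true_time + server_error(day)
        results.append(authenticate(server_time, token_time, state))
    return results

# Constructed server clock behaviours, in seconds of error versus true time.
def ntp_synced(day):
    return 0

def steady_but_wrong(day):
    return 200                          # constant error: learned once, then stable

def free_running(day):
    return 200 if day % 2 else -200     # runs fast, then slow

if __name__ == "__main__":
    for clock in (ntp_synced, steady_but_wrong, free_running):
        outcome = simulate(clock)
        print(f"{clock.__name__:17} next_passcode prompts: "
              f"{outcome.count('next_passcode')}/{len(outcome)}")
```

In this model a constant server error costs one Next Passcode prompt and is then absorbed into the stored offset, while a clock that swings fast and slow invalidates the learned offset at every login.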

Hi, thanks a lot for your answer. I think that the source of the problem is the internal clock of the RSA server. I will configure an external and reliable NTP server. Marco

m.bergonzoni
