Create a Post
Showing results for 
Search instead for 
Did you mean: 

Radius Challenge-Response issue with push token

I am trying to get VPN Radius authentication working with Gemalto SAS/STA cloud solution where I have a push token in use. This means I have two ways of authenticating:

- I open the token on my mobile and enter the display code when asked by VPN client for challenge

- instead of entering the code into the VPN, I can enter "p" so a push to my mobile is sent and can be accepted there.


Both versions work fine if I use multiple login options and first option is username/password and second is Radius.



But if I only use Radius only first option is working (entering code manually). Other option is failing with "negotiation with site failed".



I did a capture on the gateway with tcpdump to look for Radius traffic and found out that if I only enter a "p", there is no traffic to the radius servers generated. 


Has someone an idea who to cope with that?


I have tested this with R80.30 SmartCenter and following gateway versions:

- R80.30 JHF T50

- R80.10 JHF 169 + machine certificate authentication hotfix


0 Kudos
1 Reply

Sounds like a bug and you should probably open a TAC case.
0 Kudos