Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Radius Challenge-Response issue with push token

I am trying to get VPN Radius authentication working with Gemalto SAS/STA cloud solution where I have a push token in use. This means I have two ways of authenticating:

- I open the token on my mobile and enter the display code when asked by VPN client for challenge

- instead of entering the code into the VPN, I can enter "p" so a push to my mobile is sent and can be accepted there.

 

Both versions work fine if I use multiple login options and first option is username/password and second is Radius.

Unbenannt.JPG

 

But if I only use Radius only first option is working (entering code manually). Other option is failing with "negotiation with site failed".

Unbenannt2.JPG

 
 

I did a capture on the gateway with tcpdump to look for Radius traffic and found out that if I only enter a "p", there is no traffic to the radius servers generated. 

 

Has someone an idea who to cope with that?

 

I have tested this with R80.30 SmartCenter and following gateway versions:

- R80.30 JHF T50

- R80.10 JHF 169 + machine certificate authentication hotfix

 

Tags (3)
0 Kudos
1 Reply
Highlighted
Admin
Admin

Sounds like a bug and you should probably open a TAC case.
0 Kudos