Horst, Was the node secret send successfully? If not, make sure the agent host is set up with the correct ip.
HTH Yim --- Russell Aspinwall <[EMAIL PROTECTED]> wrote: > Hi Horst, > > Two things to try :- > > 1. Install the RSA Client onto the RSA Server and > try and authenticate > locally. > if the RSA Client does authenticate using the > SecurID token then you > have a > RSA Server/Firewall issue. > if the RSA Client does NOT authenticate using the > SecurID token then > do step 2 > > 2. Configure a Password for a user and then > authenticate locally as > above then > test a password with the client with the Firewall > cluster. If both > work then > you have a RSA Server/Token issue, in that the > Ace Server can not > calculate > the passcode generated by the token. > > The token generates a passcode which is generated > from time and a secret > code embedded in the token. The Ace Server knows the > secret code > embedded in the token and so can calculate the > passcode generated by the > token. If by setting a password the authentication > works, then the > problem could be the Ace Server has the incorrect > secret codes for the > token that you have. > > Try setting the token to new Pin Mode and see if you > can set the PIN for > a user, you may find you can but can then not > re-authenticate. > > Regards > > Russell > > Horst Moll wrote: > > > > Hi folks, > > > > I'm trying to authenticate users directly on a RSA > server with using SecurID > > protocol instead of authenticate them on the > firewall cluster directly. > > I followed the configuration manual provided by > Check Point, but I it still > > doesn't work. > > Currently i can see that there is a communication > between the firewall > > cluster and the RSA server, but the RSA server > still brings the error > > message: Acess Denied - WRONG passcode! > > OK, that means the server communicate, but they > are not talking with the > > same language! > > Has anyone an idea how I can find out more what's > going wrong? Or has anyone > > an idea how to solve my problem? > > :-)Horst > > > > ================================================= > > To set vacation, Out Of Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= __________________________________________________ Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
