Authentication fails with error NS_MISMATCH_SERVER_HAS_BUT_AGENT_DOESNT

3 years ago

Originally Published: 2015-07-30

Article Number

000049746

Applies To

RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 7.1 SP4

Issue

All authentications from an agent are failing.

The authentication activity log or real-time activity monitor, are reporting the following error codes:

AUTH_NODE_VERIFICATION 23005 2
NS_MISMATCH_SERVER_HAS_BUT_AGENT_DOESNT

Cause

Message id AUTH_NODE_VERIFICATION means "The agent's node secret stored on the server is not the node secret used to encrypt the packet."

The result NS_MISMATCH_SERVER_HAS_BUT_AGENT_DOESNT means "Node secret mismatch: cleared on agent but not on server". You should get this additional information if your search for the corresponding record (same date/time and agent IP address) in the authentication activity log.

These codes confirm that this particular authentication request did get through from the agent to the RSA Authentication Manager server or appliance, however the authentication failed due to the node secret issue.

Resolution

Clear the node secret for this agent on the RSA Authentication Manager server or appliance.

Notes

Refer the RSA Authentication Manager 7.1 Administrator’s Guide for more information about node secrets.
For instructions to clear the node secret for an agent, login to the RSA Security Console then from the Home tab click "All Help Topics" to navigate to RSA Security Console Help > Authentication Agents > Manage the Node Secret .

Don't see what you're looking for?

Related Articles

Trending Articles