adminbrooksw (Customer) asked a question.

August 29, 2024 at 2:56 PM
RSA authentication not working?

Hi friends, im in a pickle. We have RSA in our environment and it works on our current machines no issue. However, when I try to add a new machine authentication does not, Ive installed the agent onto the machine, Ive made sure the machine has the config files on it, when I log into the security console and look at authentication agent instances , there are no instances showing. Im not sure what I did wrong here but Id love some help? Why isnt the instance showing up when I test logon? but it works fine when I test using RSA control center? Deeply confused, any help would be appreciated. Am I missing a cert? Thanks!

  • 4 answers
  • 1.06K views

  • johnneset (Customer)

    [user reply partially edited by admin]

     

    RSA Agent? That's gone EOL-move to MFA Agent.

    I'm super confused why you'd ever do this manually. The agents have auto registration ability-we've leveraged that as long as we've had RSA-15yrs.

  • EricaChalfin (RSA)

    @adminbrooksw (Customer)​ ,

     

    Some questions:

    • What version of Authentication Manager?
    • What agent are you using (Windows, PAM, etc.)?
    • What agent version?
    • Is the agent set up to use UDP or REST?
    • Did you create an agent record in the Security Console (Access > Authentication Agents > Add New)?
    • Are you seeing any entries in the authentication activity monitor when testing your agent? If so, what messages do you see? Is a node secret being created?
    • Try running packet captures on the agent and on the server to see where the traffic is going and if it's being received. If you open the results in Wireshark filter on udp.port == 5500 and also on udp.port == 5555 to see what is happening.
    • If you are not seeing any entries, please look at any ACLs you have in place that could keep traffic on 5500 and 5555 from getting to the Authentication Manager server.
    Expand Post

    • adminbrooksw (Customer)

      • What version of Authentication Manager?-AM 8.7 SP1 P 03
      • What agent are you using (Windows, PAM, etc.)?-Windows
      • What agent version?- RSA MFA agent 2.3.3 and RSA authentication agent 7.47, RSA control center 8.6.4 192
      • Is the agent set up to use UDP or REST? UDP
      • Did you create an agent record in the Security Console (Access Authentication Agents > Add New)?- I did
      • Are you seeing any entries in the authentication activity monitor when testing your agent? If so, what messages do you see? Is a node secret being created?-I do not see any attempts on my test machine.
      • Try running packet captures on the agent and on the server to see where the traffic is going and if it's being received. If you open the results in Wireshark filter on udp.port == 5500 and also on udp.port == 5555 to see what is happening.-will update with results
      • If you are not seeing any entries, please look at any ACLs you have in place that could keep traffic on 5500 and 5555 from getting to the Authentication Manager server.

      Like

      Reply

      Select as Best

      Expand Post

    • adminbrooksw (Customer)

      I also checked the registry for differences in machines that work and dont work. In the machine that doesnt, its missing this: HKLM\ SOFTWARE\RSA\RSA Authentication Agent\AgentAutoRegistration.

      I will attempt to import it and test results.

Don't see what you're looking for?