Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

Cisco ASA 5510

  • Filter
  • Time
  • Show
Clear All
new posts

  • Cisco ASA 5510

    Hello all,

    We have a Cisco ASA 5510 on 8.0[3]. we are integrating this with second factor vendor to provide extra security for our users via RADIUS

    In our lab setup, we are seeing strange behaviour.

    1) ASA sends access-request radius packet to the 2FA server
    2) 2FA server sends back an access-challenge packet back to the ASA

    We were expecting the ASA to display the message to the user to enter the challenge, instead it just comes back with

    ERROR: Authentication Challenged: No error

    Similar result if we are using the test radius as well. It seems like the ASA 5510 is not processing the access-challenge packet and treating it as reject?

    I looked around but could not seem to find any setting that disable access-challenge....

    any one seen this before?

  • #2
    Re: Cisco ASA 5510

    Hi Oxtail,

    We are having that exact problem also with another challenge-response radius server on the ASA 5505, Version 7.2.
    Our challenge response works perfectly with PIX-501 6.3.

    Have you made any progress?

    Many thanks!


    • #3
      Replace PIX SE440BX2 with Cisco ASA 5520

      Hi All,

      Urgent need advice and solution to my issue.

      I try replacing PIX SE440BX2 to Cisco ASA 5520.

      Before change to Cisco ASA 5520 all my internal servers are running fine.
      After replace the Firewall to a Cisco 5520

      Below are the funny and weird things I encounters

      1) Using Putty and SSH into one of internal Server call Jumpboard the Authentication become much slower and lagged compare to original setup that was using Cisco PIX SE440BX2

      2) Once able to authenticate through the Jumpboard server I try to jump in routers and Servers through SSH and Telnet even though able to get connected eventually but the Time taken is much slower compare to previous setup using Cisco PIX SE440BX2.

      Can anyone share with me how to overcome the above problem.

      Need urgent solution fast.

      Thank in advance