Forum Discussion
Yashwardhan_Pra
Nimbostratus
NimbostratusFirePass VPN: "STATE" attribute issue with second factor authentication (Access-Challenge mode)
Hi,
When Validation Server is running in Access-Challenge mode, it validates the username, password sent in the first radius request. If the provided username, password provided in the first radius request is valid, then radius access challenge will be thrown to the client. Radius Access challenge message will have ‘STATE’ attribute as per RFC.
When client responds to radius Access-Challenge, it should include the “STATE” attribute value which it received in Access Challenge message.
Current firepass vpn is not including the “STATE” attribute in second radius request which is it received as part of radius Access-Challenge packet.
Because of this Validation Server is treating the second radius request as one having username and LDAP password.
Has anyone observed this issue earlier? Is there any solution for this?
Please reply back ASAP.
With Regards,
Yashwardhan Pradhan
8 Replies
Mike_61719Cirrus
I would talk to support about this issue. What version of Firepass are you running?
Yashwardhan_PraHi Mike,
We are running -
FirePass Virtual Edition (VE)
Version - FirePass 7.0.1
With Regards,
Yashwardhan Pradhan- Yashwardhan_PraHi Mike,
Any update on this?
With Regards,
Yashwardhan Pradhan - Yashwardhan_PraHI F5 TEAM,
IS THERE ANY SOLUTION FOR THIS ISSUE?
WITH REGARDS,
YASH PRADHAN - Yashwardhan_PraHI F5 TEAM,
IS THERE ANY SOLUTION FOR THIS ISSUE?
WITH REGARDS,
YASH PRADHAN - Yashwardhan_PraHI F5 TEAM,
IS THERE ANY SOLUTION FOR THIS ISSUE?
WITH REGARDS,
YASH PRADHAN - Yashwardhan_PraHI F5 TEAM,
IS THERE ANY SOLUTION FOR THIS ISSUE?
WITH REGARDS,
YASH PRADHAN - Mike_61719Posted By Yashwardhan Pradhan on 06/02/2011 10:54 PM
HI F5 TEAM,
IS THERE ANY SOLUTION FOR THIS ISSUE?
WITH REGARDS,
YASH PRADHAN
Yash, you're going to have to contact F5 support for further assistance with this.
