Radius Authentication failing due to a possible protocol issue

Document ID : KB000115824
Last Modified Date : 26/09/2018
Show Technical Document Details
Issue:
If a Cisco ASA Appliance is being used for a CA Strong Authentication's RADIUS client call and the every request fails to authenticate with the following footprints then the Protocol used by the Cisco Appliance could be the issue. 


09/18/18 13:23:46.285 INFO  RADIUS       00008341 00019042 - RADIUS Protocol[requestIP=192.168.21.209]: Authentication Failed [5707].
09/18/18 13:23:46.290 INFO  RADIUS       00008341 00019042 - Txn-End : TxnID=19042 | ClientTxnID=[] | Processor=17 (AUTH_ARCOT_OTP) | Operation=1070 (AUTH_ARCOT_OTP_VERIFY) | Response=5707 (CREDENTIAL_INVALID) | Reason=0 (UNDEFINED) | RespSize=20 | Time=70 | DBT=25 | NQ=4 | ExtEvents={ NONE } | AddInfo=[NONE] | LTB=02185 | LNL=0016/0016 | LML=154
09/18/18 13:23:46.290 INFO  RADIUS       00008341 00019042 - About to read the data from socket on stream [0x7fbfa8001250]
09/18/18 13:23:46.290 INFO  RADIUS       00008341 00019042 - Txn-Begin : TxnID= | ClientTxnID=[<NA>] | Protocol=6 (RADIUS) | ReqSize=0 | TST=1971-01-01 00:00:00:0 ()
09/18/18 13:23:46.290 INFO  RADIUS       00008341 00019042 - Empty response payload is detected. Attempting to generate appropriate response.
09/18/18 13:23:46.290 INFO  RADIUS       00008341 00000000 - The request could not be processed by the protocol!.
Environment:
CA Strong Authentication using a RADIUS environment
Cause:
CA Strong Authentication supports only PAP (Password Authentication Protocol) protocol and using any other protocol (like CHAP) is not supported. 
Resolution:
Please ensure you are using PAP protocol to communicate via CA Strong Authentication's RADIUS client. 
Additional Information:
None.