Guest

Preview Tool

Cisco Bug: CSCvu70791 - Radius MS-CHAPV2 with challenge fails w/ Missing authenticator debug

Last Modified

Jul 17, 2020

Products (1)

  • Cisco ASA 5500-X Series Firewalls

Known Affected Releases

6.4(0)

Description (partial)

Symptom:
When a radius server is configured on FTD to use MS-CHAPv2 (mschapv2) and if the server after accepting the initial password then provides a challenge (for example when using a one-time password), then FTD will fail the second authentication request with the following debug message: Missing authenticator attribute. Failing authentication.

Conditions:
* Radius authentication with ms-chapv2 enabled (ie. password management enabled on the tunnel-group)

* Radius server sends challenge request

* Radius server sends final Access-Accept
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.