Environment is:
Netware 6.5 sp6
eDirectory 8.8 sp1 (tried 8.7.3.7 also)
Radius.nlm 4.14 (tried 4.15)
DAS Client Configuration: Generic Radius
DAP Configuration: Novell-eDirectory-Name (value=FDN)
Login policy rule sequence = digipass (enforcement=mandatory)
Security Services 2.04 ( ss204_nw )
Vasco Digipass NMAS Method: 3.31 (latest on website)
DGPLSM.NLM Version 2.00 (20 December 2005)
DGPLCM.NLM Version 2.00 (20 December 2005)
NMAS.NLM 3.1.3 (19 Feb 2007)
I've tested with Access Manager, NTRADPING & Vasco Radius Client Simulator
and keep getting the above error.
It would help greatly if anyone that has a working configuration could
post their configuration details and version so I can work out whats going
wrong.
thanks in advance.
I'll be trying a Vasco token config for BMgr VPN login soon, and
perhaps could help once I get into this and understand better how it
works.
Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to http://www.craigjconsulting.com ***
Let me ask Novell on it.
Have you tried contacting Vasco on this one?
I'm wondering if there is an issue with the NMAS configuration, or if
there is just some limitation in the NetWare RADIUS being able to use
that method?
Tried any NMASMON debugging?
3987489
Perhaps there is some issue with the settings of the LCM?
There isn't any configuration that I'm aware of for the LCM module. It
does load ok, however it doesn't load from c:NWSERVER and doesn't appear
to be on the disk anywhere.
I've tried backrevving to an earlier version, however this NLM doesn't get
downgraded, even though I delete the method and sequence, is there a way
of clearing this?
Regardless, I believe I've pretty much exhausted Novell Knowledgebase and
Google, so this is why I'm asking if anyone has got a working
configuration so I determine what the differences are.
Makes me a bit nervous as I was about to try to get a Vasco token working
for C2S VPN.
I have a working system using an Aventail SSL/VPN, Vasco tokens and NW
Radius
My config: (pretty similiar to yours)
Netware 6.5 sp6
eDirectory 8.7.3.9
Radius.nlm 4.14
DAS Client Configuration: Generic Radius
DAP Configuration: Novell-eDirectory-Name (value=FDN)
Login policy rule sequence = digipass (enforcement=mandatory)
Security Services (could not see this in my nw product list?)
Vasco Digipass NMAS Method: 3.2
DGPLSM.NLM Version 2.00 (20 December 2005)
DGPLCM.NLM Version 2.00 (20 December 2005)
NMAS.NLM 3.1.2.0 (14 Oct 2006)
That error you get -1676 is pretty generic and you will also receive it
when authentication fails from a user typo - ie/ wrong NW password
and/or wrong token number.
Am not too sure as to what to ask you, as its been a while since I set
it up.
1. I assume you have a "digipass" entry as an "Authorized Login Method"?
2. "secret" password is set correctly (under DAS)
3. the "Security Policy" "Read Label" is set correctly? eg = biometric &
password & token, or whatever to suit you
Hopefully the above may help in starting to move forwards....