---

zanyterp wrote:
To my knowledge it should be working there.

---

Well.. it's the same problem on both Win7 and OSX Lion

"Credentials were invalid, please try again".

I'm on 7.2r1.1

I have to bump this one...

The RADIUS Access Challenge looks like this:

Type: 11 (Access-Challenge)
Id: 205
Length: 64
IPAddress: /10.201.1.215
Port: 57462
Attribute-Type : 18 (Reply-Message)
Attribute-Length: 34
Attribute-Value : "Please enter your onetime password"
Attribute-Type : 24 (State)
Attribute-Length: 6
Attribute-Value : "QhG511"

The Junos Pulse dialog says "Alert.Credentials were invalid. Please try again."

Obviously the RADIUS Reply-Message is not read and Junos Pulse is also showing the wrong response.

The Alert message from Junos Pulse can be discarded and the OTP can successfully be entered.

Note: The portal login also does not show the correcty RADIUS Reply-Message but some generic page (without an error though).

Is there something that can be done in the custom RADIUS rules?

what do you see on the web portal?

until it works on the web portal, pulse will not work either.

how are your radius rules configured?

Everything is working nicely in web-portal and NC, this has never been a problem.

The standard reply-message is shown (defender-page) and OTP can be entered.

Screenshot shows radius rules.

Unfortunately, I do not have a way to test this quickly to update on what might be happening.

How is your JTAC case looking on this? If you do not have one yet, I would recommend opening one