Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

Why Is the Node Secret Invalid on an ACE Server?



Article ID: KB6496 KB Last Updated: 02 Aug 2010Version: 5.0

Why Is the Node Secret Invalid on an ACE Server?

Symptoms & Errors:
  • Node secret invalid on ACE server
  • Gets login prompt, but authentication fails
  • Debug auth 10 output:

BuildPacket: NEED node secret

  • AceSetUsername: hAsynUser (8040717c, 0)
  • AceSetPasscode: hAsynUser (8040717c, 0)
  • AceCheck: hAsynUser (8040717c,0)
  • BuildPacket: NEED node secret
  • AceClose: SdiHandle (8383f9d8, 2435)





note: This article applies to ScreenOS 4.0.0 and above.

note: The node secret must remain consistent with the Assured Computing Environment (ACE) server. If it does not, the communication between the NetScreen device and the ACE server will not work.

This situation can be identified by monitoring the ACE server log. Look for the message node secret invalid. If this occurs, clear the node secret on the NetScreen.

To reset the node secret, perform the following steps:

 Open the Command Line Interface (CLI). For more information, go to Accessing the Command Line Interface Using Telnet.

 Enter the following:

delete node_secret

 On the ACE server, in the Edit Client window, click to clear Sent Node Secret.

note: The NetScreen device will ask for the node secret, authorize the ACE server to give the client the new node secret, and then re-synchronize communication.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search