Sunday, August 3, 2008

Cisco IOS SSL VPN note

I just found that the CSD application in IOS SSL VPN needs a special link to configure CSD policies. There's no way to configure it via the CLI.
Log in to "https://gateway_addr/csd_admin.html" to start the policy admin; the username is "admin", and the password is the enable password or enable secret of the router.
By default, the CSD policies deny all services enabled by SSL VPN.

WebVPN user name = phuc ; IP address = 47.1.1.2 ; context = SSLVPN
    No of connections: 0
    Created 00:06:40, Last-used 00:05:36
    CSD secure desktop Disabled
    CSD cache cleaner Disabled
    CSD Session Policy
      CSD Web Browsing Disabled
      CSD Port Forwarding Disabled
      CSD Full Tunneling Disabled
      CSD File Access Disabled
    User Policy Parameters
      Framed IPv4 address = 255.255.255.255
      Group name = SSL-Policy
    Group Policy Parameters
      banner = "This is default Policy Group"
      url list name = "Internal"
      url list name = "DMZ"
      idle timeout = 3600 sec
      session timeout = 43200 sec
      port forward name = "Portlist"
      nbns list name = "NBNS-SRV"
      functions =
                file-access
                file-browse
                file-entry
                svc-enabled
      citrix disabled
      address pool name = "SSL-Pool"
      default domain = "ccie.edu"
      home page = "http://win2003/certsrv/mscep"


Cisco Secure Desktop (CSD) extends the security of the SSL VPN session to the client workstation. CSD provides a separate partition on the user's workstation for session activity. This vault area is encrypted while the session is active and is removed completely when the SSL VPN session ends.

Saturday, August 2, 2008

RADIUS server and Cisco IOS 12.4(15)T

I had this experience after some time: a problem between this IOS release and the ACS RADIUS server, while ACS TACACS+ still had no issue. The communication always got a "failed decrypt" response.

Aug 2 07:45:05.173: RADIUS/ENCODE(00000000):Orig. component type = INVALID
Aug 2 07:45:05.173: RADIUS/ENCODE(00000000): dropping service type, "radius-server attribute 6 on-for-login-auth" is off
Aug 2 07:45:05.173: RADIUS(00000000): Config NAS IP: 172.16.45.5
Aug 2 07:45:05.177: RADIUS(00000000): sending
Aug 2 07:45:05.181: RADIUS(00000000): Send Access-Request to 192.168.1.219:1645 id 1645/11, len 50
Aug 2 07:45:05.181: RADIUS: authenticator 34 A3 1C B8 15 6E 99 72 - D1 78 5D C5 60 0B DE CF
Aug 2 07:45:05.181: RADIUS: User-Name [1] 6 "phuc"
Aug 2 07:45:05.181: RADIUS: User-Password [2] 18 *
Aug 2 07:45:05.181: RADIUS: NAS-IP-Address [4] 6 172.16.45.5
Aug 2 07:45:05.197: RADIUS: Received from id 1645/11 192.168.1.219:1645, Access-Reject, len 32
Aug 2 07:45:05.201: RADIUS: authenticator 81 12 BD 60 C8 C8 FE 77 - 8A D6 8F 84 0E 8E 99 AD
Aug 2 07:45:05.205: RADIUS: Reply-Message [18] 12
Aug 2 07:45:05.205: RADIUS: 52 65 6A 65 63 74 65 64 0A 0D [Rejected??]
Aug 2 07:45:05.205: RADIUS: response-authenticator decrypt fail, pak len 32
Aug 2 07:45:05.205: RADIUS: packet dump: 030B00208112BD60C8C8FE778AD68F840E8E99AD120C52656A65637465640A0D
Aug 2 07:45:05.217: RADIUS: expected digest: FFFFFFD012FFFFFFE42CFFFFFFECFFFFFFFA2EFFFFFF8105FFFFFFC5FFFFFF9DFFFFFFE8FFFFFFEDFFFFFFA4FFFFFF9B13
Aug 2 07:45:05.225: RADIUS: response authen: FFFFFF8112FFFFFFBD60FFFFFFC8FFFFFFC8FFFFFFFE77FFFFFF8AFFFFFFD6FFFFFF8FFFFFFF840EFFFFFF8EFFFFFF99FFFFFFAD
Aug 2 07:45:05.237: RADIUS: request authen: 34A31CB8156E9972D1785DC5600BDECF
Aug 2 07:45:05.241: RADIUS: Response (11) failed decrypt
Aug 2 07:45:10.089: RADIUS: Retransmit to (192.168.1.219:1645,1646) for id 1645/11
Aug 2 07:45:10.109: RADIUS: Received from id 1645/11 192.168.1.219:1645, Access-Reject, len 32
Aug 2 07:45:10.113: RADIUS: authenticator 81 12 BD 60 C8 C8 FE 77 - 8A D6 8F 84 0E 8E 99 AD
Aug 2 07:45:10.117: RADIUS: Reply-Message [18] 12
Aug 2 07:45:10.121: RADIUS: 52 65 6A 65 63 74 65 64 0A 0D [Rejected??]

I had to configure the AAA server on the routers with the "non-standard" keyword, e.g.:
"radius-server host 192.168.1.219 auth-port 1645 acct-port 1646 non-standard key shasta"

Everything works fine after that. There is no such problem with the IOS 12.4(10) mainline release.
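What the router is actually complaining about in the debug above is the RFC 2865 Response Authenticator: it hashes the reply header, the Request Authenticator of its own Access-Request, the reply attributes and the shared secret with MD5 ("expected digest") and compares the result with the 16 bytes the server sent ("response authen"). The two differ, so the reply is dropped as "failed decrypt" even though ACS plainly answered. The script below is an added worked example, not code from the original post or from Cisco: it parses the "packet dump" bytes copied from the debug, undoes the debug printer's sign extension (bytes >= 0x80 are printed as FFFFFFxx, as you can see by comparing "response authen: FFFFFF8112FFFFFFBD60..." with "authenticator 81 12 BD 60 ..."), and implements the check itself. The `build_reply()` helper and the secret "secret" used in the self-test are constructed here; whether "shasta" verifies this particular capture depends on what ACS hashed, so that result is only printed.

```python
"""Check a RADIUS Response Authenticator the way the router did in the debug above.

Added worked example (not from the original post). Packet bytes and the
request authenticator are copied from the debug output; the secret used
in the self-test and the build_reply() helper are constructed here.
"""
import hashlib
import hmac
import struct
from typing import Dict, List, Tuple

# "RADIUS: packet dump:" line from the debug above: an Access-Reject, id 11.
PAGE_PACKET_HEX = "030B00208112BD60C8C8FE778AD68F840E8E99AD120C52656A65637465640A0D"
# "RADIUS: request authen:" line, the Request Authenticator of Access-Request id 11.
PAGE_REQUEST_AUTH_HEX = "34A31CB8156E9972D1785DC5600BDECF"
# "expected digest" and "response authen" lines, exactly as the debug printed them.
PAGE_EXPECTED_DIGEST = ("FFFFFFD012FFFFFFE42CFFFFFFECFFFFFFFA2EFFFFFF8105FFFFFFC5"
                        "FFFFFF9DFFFFFFE8FFFFFFEDFFFFFFA4FFFFFF9B13")
PAGE_RESPONSE_AUTHEN = ("FFFFFF8112FFFFFFBD60FFFFFFC8FFFFFFC8FFFFFFFE77FFFFFF8A"
                        "FFFFFFD6FFFFFF8FFFFFFF840EFFFFFF8EFFFFFF99FFFFFFAD")

RADIUS_CODES = {1: "Access-Request", 2: "Access-Accept", 3: "Access-Reject",
                11: "Access-Challenge"}


def strip_sign_extension(debug_hex: str) -> str:
    """Undo the debug printer's sign extension: bytes >= 0x80 appear as FFFFFFxx.

    A byte < 0x80 prints as two hex digits, so a "FFFFFF" at an element
    boundary can only be the prefix of an 8-digit element.
    """
    out, i = [], 0
    while i < len(debug_hex):
        if debug_hex[i:i + 6] == "FFFFFF":
            out.append(debug_hex[i + 6:i + 8])
            i += 8
        else:
            out.append(debug_hex[i:i + 2])
            i += 2
    return "".join(out)


def parse_radius(packet: bytes) -> Dict:
    """Split a RADIUS packet into header fields and a list of (type, value) attributes."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if length != len(packet):
        raise ValueError(f"Length field {length} != {len(packet)} bytes received")
    attrs: List[Tuple[int, bytes]] = []
    pos = 20
    while pos < length:
        atype, alen = packet[pos], packet[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError(f"malformed attribute at offset {pos}")
        attrs.append((atype, packet[pos + 2:pos + alen]))
        pos += alen
    return {"code": code, "id": ident, "length": length,
            "authenticator": packet[4:20], "attributes": attrs}


def response_authenticator(packet: bytes, request_auth: bytes, secret: bytes) -> bytes:
    """RFC 2865 section 3: MD5(Code + ID + Length + RequestAuth + Attributes + Secret)."""
    return hashlib.md5(packet[:4] + request_auth + packet[20:] + secret).digest()


def verify_response(packet: bytes, request_auth: bytes, secret: bytes) -> bool:
    """True when the reply's authenticator matches what the shared secret predicts.

    False here is what IOS logs as "response-authenticator decrypt fail".
    """
    expected = response_authenticator(packet, request_auth, secret)
    return hmac.compare_digest(expected, packet[4:20])


def build_reply(code: int, ident: int, request_auth: bytes, secret: bytes,
                attrs: List[Tuple[int, bytes]]) -> bytes:
    """Build a server reply with a valid authenticator (constructed helper, for self-testing)."""
    body = b"".join(bytes([atype, len(value) + 2]) + value for atype, value in attrs)
    header = struct.pack("!BBH", code, ident, 20 + len(body))
    auth = response_authenticator(header + bytes(16) + body, request_auth, secret)
    return header + auth + body


if __name__ == "__main__":
    pkt = bytes.fromhex(PAGE_PACKET_HEX)
    req_auth = bytes.fromhex(PAGE_REQUEST_AUTH_HEX)
    parsed = parse_radius(pkt)
    print(RADIUS_CODES.get(parsed["code"], parsed["code"]), "id", parsed["id"],
          "len", parsed["length"])
    for atype, value in parsed["attributes"]:
        print(f"  attribute {atype}: {value!r}")
    print("router expected :", strip_sign_extension(PAGE_EXPECTED_DIGEST))
    print("server sent     :", strip_sign_extension(PAGE_RESPONSE_AUTHEN))
    # "shasta" is the key the post configured; whether it matches this capture
    # depends on what ACS hashed, so the result is printed rather than asserted.
    print("verifies with 'shasta':", verify_response(pkt, req_auth, b"shasta"))
```

Run it as-is to see the Access-Reject decoded (attribute 18, Reply-Message, carrying "Rejected" plus a line break) and the two 16-byte digests side by side. Because the hash covers the header, the request authenticator, every attribute byte and the secret, a mismatch tells you only that the router and the server disagree on one of those inputs; it does not tell you which, so a key typo, a server that formats the reply differently and a server with a proprietary implementation all surface as the same "failed decrypt" line.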