Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
762
Views
0
Helpful
4
Replies

Authenticating, Authorizing VPN user with AAA

riteshmalpani
Level 1
Level 1

‎06-29-2009 12:52 AM - edited ‎03-10-2019 04:33 PM

Hello,

I have ACS1113(4.2) solution Engine and ASA 5550 which have been integrated with ACS. I need to authenticate and authorize the VPN users form ACS.

Also I need to have different access for different group in ACS

please help me in this.

Thanks

Ritesh

Labels:
0 Helpful
4 Replies 4

Jagdeep Gambhir
Level 10
Level 10

‎06-29-2009 10:01 AM

Ritesh,

Please provide some more information about your setup. Here are some links that should help,

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008080f2d1.shtml

NAR's,

http://tinyurl.com/cowfsb

Command Authorization,

http://tinyurl.com/c5n4rl

Configure ACS to Assign a Group Policy at Login using RADIUS

http://tinyurl.com/2sa44y

Hope that helps!

Regards,

~JG

Do rate helpful posts

0 Helpful

riteshmalpani
Level 1
Level 1

‎07-01-2009 12:22 AM

Thanks Gambhir . I was able to complete the task.

0 Helpful

Jagdeep Gambhir
Level 10
Level 10
In response to riteshmalpani

‎07-01-2009 05:54 AM

Hi Ritesh,

Please mark this thread resolved so other can benefit.

Regards,

~JG

0 Helpful

riteshmalpani
Level 1
Level 1
In response to Jagdeep Gambhir

‎07-01-2009 09:02 PM

Hi,

I am finding one problem. Well I have done the configurations in ASA for Authentication through ACS but when attempt to autehnticate through user then i get autehentication message. here is the command configure in ASA and debug msg

Command:

aaa-server ACSCHN protocol radius

aaa-server ACSCHN (WAN) host 10.132.15.26

key _____

aaa authentication telnet console ACSCHN LOCAL

aaa authentication enable console ACSCHN LOCAL

Debug Msg:

Initiating authentication to primary server (Svr Grp: ACSCHN)

------------------------------------------------

AAA FSM: In AAA_BindServer

AAA_BindServer: Using server:

AAA FSM: In AAA_SendMsg

User: wipro

Resp:

In localauth_ioctl

Local authentication of user wipro

callback_aaa_task: status = -1, msg =

AAA FSM: In aaa_backend_callback

aaa_backend_callback: Handle = 868, pAcb = 1a3363f8

aaa_backend_callback: Error: sorry

AAA task: aaa_process_msg(185f00e8) received message type 1

AAA FSM: In AAA_ProcSvrResp

Back End response:

------------------

Authentication Status: -1 (REJECT)

AAA FSM: In AAA_NextFunction

AAA_NextFunction: i_fsm_state = IFSM_PRIM_AUTHENTICATE, auth_status = REJECT

AAA_NextFunction: authen svr = ACSCHN, author svr = , user pol = , tunn pol =

AAA_NextFunction: New i_fsm_state = IFSM_DONE,

AAA FSM: In AAA_ProcessFinal

AAA FSM: In AAA_Callback

user attributes:

None

user policy attributes:

None

tunnel policy attributes:

None

Auth Status = REJECT

aaai_internal_cb: handle is 868, pAcb is 1a3363f8, pAcb->tq.tqh_first is 1841ce20

AAA API: In aaa_close

AAA task: aaa_process_msg(185f00e8) received message type 3

In aaai_close_session (868)

Please help why it authenticated with internal server not with ACS server.

Regards

Ritesh

0 Helpful
Customers Also Viewed These Support Documents