cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
11647
Views
0
Helpful
6
Replies

issue authenticating IPSec VPN against AD through Radius/ISA

Kyle_McIver
Level 1
Level 1

As background I have an IPSec VPN authenticating against the local database up and running with access to my internal network and working with zero issues.

So I would like to move the authentication off the local database and boince it off my AD.  I am running server 2003 so I setup ISA as a RADIUS server and believe I have this configured correctly.  It is registered in AD, I've added my asa as a radius client, custom remote access and connection request policies.

When testing authentication in the ASDM it succedes with all users that should.

When testing through my vpn client on a remote machine I recieve connection terminated by peer, no reason given.

From the event logs on the DC it says

-user %domain-username% was granted access.

directly after that there is an entry

-VPN-Radius-GP was denied access

where VPN-Radius-GP is the name of the tunnel group policy in my ASA.

Ive searched a lot of literature and a couple forums and have yet to find any explanation as to why this would be getting passed as a user name that is trying to authenticate on the ISA

Anyone have any ideas?

thanks

Mac

1 Accepted Solution

Accepted Solutions

group-policy VPN-Radius-GP external server-group VPN_Radius_Auth password aaaaaaaaaaaaaaaaaaaaaa

This is an external group-policy,  by definition this is a group-policy defined on the AAA server, so the ASA sends a radius access-request to retrieve the group-policy attributes.

see e.g. http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/vpngrp.html#wp1133706

If that is not what you want, then just delete the group-policy and use an internal one instead (like the "q101 VPN GP" you have).

hth

Herbert

View solution in original post

6 Replies 6

andamani
Cisco Employee
Cisco Employee

hi Kyle,

Please paste the sh run of the ASA.

Also please let ensure that the user is having Dial-in properties as Allow access in the AD.

Hope this helps.

Regards,

Anisha

P.S.: please mark this thread as answered if you feel your query is resolved. Do rate helpful posts.

I was sure, but I checked again and the user I'm testing with does have dial in access set to 'allow'.

here is a copy of the config.

Result of the command: "sh run"

: Saved
:
ASA Version 7.2(4)
!
hostname q101-BackDraft
domain-name q101.NET
enable password yAvIrfiKDu/oTQ1m encrypted
passwd yAvIrfiKDu/oTQ1m encrypted
names
name 192.168.0.1 q101.Internal
name 10.10.3.0 q101.Remote
!
interface Vlan1
nameif q101.Internal
security-level 100
ip address 192.168.0.10 255.255.255.0
ospf cost 10
!
interface Vlan2
nameif The.Cloud
security-level 0
pppoe client vpdn group q101
ip address pppoe setroute
ospf cost 10
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
ftp mode passive
clock timezone CST -6
clock summer-time CDT recurring
dns domain-lookup q101.Internal
dns server-group DefaultDNS
name-server 192.168.0.5
name-server 192.168.0.2
domain-name q101.NET
same-security-traffic permit intra-interface
access-list q101.Internal_nat0_outbound extended permit ip q101.Internal 255.255.255.0 q101.Remote 255.255.255.0
access-list q101-inside standard permit q101.Internal 255.255.255.0
pager lines 24
logging enable
logging asdm informational
mtu The.Cloud 1500
mtu q101.Internal 1500
ip local pool q101.Remote 10.10.3.1-10.10.3.254 mask 255.255.255.0
no failover
monitor-interface The.Cloud
monitor-interface q101.Internal
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-524.bin
no asdm history enable
arp timeout 14400
nat-control
global (The.Cloud) 1 interface
nat (q101.Internal) 0 access-list q101.Internal_nat0_outbound
nat (q101.Internal) 1 0.0.0.0 0.0.0.0
route The.Cloud q101.Remote 255.255.255.0 192.168.0.10 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
aaa-server VPN_Radius_Auth protocol radius
aaa-server VPN_Radius_Auth (q101.Internal) host 192.168.0.2
key aaaaaaaaaaaaaaaaaaaaaa
radius-common-pw aaaaaaaaaaaaaaaaaaaaaa
http server enable
http q101.Internal 255.255.255.0 q101.Internal
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto dynamic-map The.Cloud_dyn_map 10 set pfs group5
crypto dynamic-map The.Cloud_dyn_map 10 set transform-set ESP-AES-256-SHA
crypto map The.Cloud_map 65535 ipsec-isakmp dynamic The.Cloud_dyn_map
crypto map The.Cloud_map interface The.Cloud
crypto isakmp enable The.Cloud
crypto isakmp policy 10
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
crypto isakmp nat-traversal  240
no vpn-addr-assign aaa
no vpn-addr-assign dhcp
telnet timeout 5
ssh timeout 5
console timeout 0
management-access q101.Internal
vpdn group q101 request dialout pppoe
vpdn group q101 localname q1019870@static.att.net
vpdn group q101 ppp authentication pap
vpdn username q1019870@static.att.net password *********
dhcpd auto_config The.Cloud
!


group-policy VPN-Radius-GP external server-group VPN_Radius_Auth password aaaaaaaaaaaaaaaaaaaaaa
group-policy "q101 VPN GP" internal
group-policy "q101 VPN GP" attributes
dns-server value 192.168.0.5 192.168.0.2
vpn-tunnel-protocol IPSec
ipsec-udp enable
ipsec-udp-port 10000
split-tunnel-policy tunnelspecified
split-tunnel-network-list value q101-inside
default-domain value q101.NET
user-authentication enable
user-authentication-idle-timeout 3
address-pools value q101.Remote
webvpn
  svc enable
  svc keep-installer installed
username BM password w3vgk3F5ezqWqhHI encrypted
username BM attributes
vpn-group-policy "q101 VPN GP"
vpn-tunnel-protocol IPSec
group-lock value q101-VPN
username NA password U7D8R4/l33pit7FA encrypted privilege 15
username NA attributes
vpn-group-policy "q101 VPN GP"
vpn-tunnel-protocol IPSec
webvpn
  svc enable
  svc keep-installer installed
username MD password ccYia.03ZwudFDra encrypted
username MD attributes
vpn-group-policy "q101 VPN GP"
vpn-tunnel-protocol IPSec
group-lock value q101-VPN
username RS password c4upal8YVJ5NNg1p encrypted
username RS attributes
vpn-group-policy "q101 VPN GP"
vpn-tunnel-protocol IPSec
group-lock value q101-VPN
tunnel-group DefaultRAGroup general-attributes
address-pool q101.Remote
authentication-server-group VPN_Radius_Auth
accounting-server-group VPN_Radius_Auth
default-group-policy VPN-Radius-GP
tunnel-group DefaultRAGroup ipsec-attributes
pre-shared-key *
isakmp ikev1-user-authentication none
tunnel-group DefaultRAGroup ppp-attributes
authentication ms-chap-v2
tunnel-group q101-VPN type ipsec-ra
tunnel-group q101-VPN general-attributes
address-pool q101.Remote
authorization-server-group LOCAL
default-group-policy "q101 VPN GP"
authorization-required
authorization-dn-attributes use-entire-name
tunnel-group q101-VPN ipsec-attributes
pre-shared-key *
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
  message-length maximum 512
policy-map global_policy
class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:3ca0c299893908e69853b34bd01649ff
: end

Hi,

Please run the following debugs.

deb aaa authentication 127

deb radius all

deb cry isa 127

deb cry ips 127..

Initiate the traffic and paste the output of the same.

Regards,

Anisha

Here are the requested logs.  I verified my ISA server password was the same on both sides and even changed it to somethingn dirt simple to make sure it was with the same result.

Any help is appreciated.

thanks

mac

<191>Mar 04 2011 16:42:28: %ASA-7-609001: Built local-host The.Cloud:xx.xxx.109.1

<191>Mar 04 2011 16:42:28: %ASA-7-609001: Built local-host NP Identity Ifc:xx.xxx.xx.102

<190>Mar 04 2011 16:42:28: %ASA-6-302015: Built inbound UDP connection 1852250 for The.Cloud:xx.xxx.109.1/500 (xx.xxx.109.1/500) to NP Identity Ifc:xx.xxx.xx.102/500 (xx.xxx.xx.102/500)

<191>Mar 04 2011 16:42:28: %ASA-7-713236: IP = xx.xxx.109.1, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 854

<191>Mar 04 2011 16:42:28: %ASA-7-715047: IP = xx.xxx.109.1, processing SA payload

<191>Mar 04 2011 16:42:28: %ASA-7-715047: IP = xx.xxx.109.1, processing ke payload

<191>Mar 04 2011 16:42:28: %ASA-7-715047: IP = xx.xxx.109.1, processing ISA_KE payload

<191>Mar 04 2011 16:42:28: %ASA-7-715047: IP = xx.xxx.109.1, processing nonce payload

<191>Mar 04 2011 16:42:28: %ASA-7-715047: IP = xx.xxx.109.1, processing ID payload

<191>Mar 04 2011 16:42:28: %ASA-7-715047: IP = xx.xxx.109.1, processing VID payload

<191>Mar 04 2011 16:42:28: %ASA-7-715049: IP = xx.xxx.109.1, Received xauth V6 VID

<191>Mar 04 2011 16:42:28: %ASA-7-715047: IP = xx.xxx.109.1, processing VID payload

<191>Mar 04 2011 16:42:28: %ASA-7-715049: IP = xx.xxx.109.1, Received DPD VID

<191>Mar 04 2011 16:42:28: %ASA-7-715047: IP = xx.xxx.109.1, processing VID payload

<191>Mar 04 2011 16:42:28: %ASA-7-715049: IP = xx.xxx.109.1, Received Fragmentation VID

<191>Mar 04 2011 16:42:28: %ASA-7-715064: IP = xx.xxx.109.1, IKE Peer included IKE fragmentation capability flags:  Main Mode:        True  Aggressive Mode:  False

<191>Mar 04 2011 16:42:28: %ASA-7-715047: IP = xx.xxx.109.1, processing VID payload

<191>Mar 04 2011 16:42:28: %ASA-7-715049: IP = xx.xxx.109.1, Received NAT-Traversal ver 02 VID

<191>Mar 04 2011 16:42:28: %ASA-7-715047: IP = xx.xxx.109.1, processing VID payload

<191>Mar 04 2011 16:42:28: %ASA-7-715049: IP = xx.xxx.109.1, Received Cisco Unity client VID

<191>Mar 04 2011 16:42:28: %ASA-7-713906: IP = xx.xxx.109.1, Connection landed on tunnel_group q101-Radius

<191>Mar 04 2011 16:42:28: %ASA-7-715047: Group = q101-Radius, IP = xx.xxx.109.1, processing IKE SA payload

<191>Mar 04 2011 16:42:28: %ASA-7-715028: Group = q101-Radius, IP = xx.xxx.109.1, IKE SA Proposal # 1, Transform # 1 acceptable  Matches global IKE entry # 1

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 854

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, processing SA payload

<191>Mar 04 2011 16:42:28: %ASA-7-715046: Group = q101-Radius, IP = xx.xxx.109.1, constructing ISAKMP SA payload

<191>Mar 04 2011 16:42:28: %ASA-7-715046: Group = q101-Radius, IP = xx.xxx.109.1, constructing ke payload

<191>Mar 04 2011 16:42:28: %ASA-7-715046: Group = q101-Radius, IP = xx.xxx.109.1, constructing nonce payload

<191>Mar 04 2011 16:42:28: %ASA-7-713906: Group = q101-Radius, IP = xx.xxx.109.1, Generating keys for Responder...

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, processing ke payload

<191>Mar 04 2011 16:42:28: %ASA-7-715046: Group = q101-Radius, IP = xx.xxx.109.1, constructing ID payload

<191>Mar 04 2011 16:42:28: %ASA-7-715046: Group = q101-Radius, IP = xx.xxx.109.1, constructing hash payload

<191>Mar 04 2011 16:42:28: %ASA-7-715076: Group = q101-Radius, IP = xx.xxx.109.1, Computing hash for ISAKMP

<191>Mar 04 2011 16:42:28: %ASA-7-715046: Group = q101-Radius, IP = xx.xxx.109.1, constructing Cisco Unity VID payload

<191>Mar 04 2011 16:42:28: %ASA-7-715046: Group = q101-Radius, IP = xx.xxx.109.1, constructing xauth V6 VID payload

<191>Mar 04 2011 16:42:28: %ASA-7-715046: Group = q101-Radius, IP = xx.xxx.109.1, constructing dpd vid payload

<191>Mar 04 2011 16:42:28: %ASA-7-715046: Group = q101-Radius, IP = xx.xxx.109.1, constructing NAT-Traversal VID ver 02 payload

<191>Mar 04 2011 16:42:28: %ASA-7-715046: Group = q101-Radius, IP = xx.xxx.109.1, constructing NAT-Discovery payload

<191>Mar 04 2011 16:42:28: %ASA-7-713906: Group = q101-Radius, IP = xx.xxx.109.1, computing NAT Discovery hash

<191>Mar 04 2011 16:42:28: %ASA-7-715046: Group = q101-Radius, IP = xx.xxx.109.1, constructing NAT-Discovery payload

<191>Mar 04 2011 16:42:28: %ASA-7-713906: Group = q101-Radius, IP = xx.xxx.109.1, computing NAT Discovery hash

<191>Mar 04 2011 16:42:28: %ASA-7-715046: Group = q101-Radius, IP = xx.xxx.109.1, constructing Fragmentation VID + extended capabilities payload

<191>Mar 04 2011 16:42:28: %ASA-7-715046: Group = q101-Radius, IP = xx.xxx.109.1, constructing VID payload

<191>Mar 04 2011 16:42:28: %ASA-7-715048: Group = q101-Radius, IP = xx.xxx.109.1, Send Altiga/Cisco VPN3000/Cisco ASA GW VID

<191>Mar 04 2011 16:42:28: %ASA-7-713236: IP = xx.xxx.109.1, IKE_DECODE SENDING Message (msgid=0) with payloads : HDR + SA (1) + KE (4) + NONCE (10) + ID (5) + HASH (8) + VENDOR (13) + VENDOR (13) + VENDOR (13) + VENDOR (13) + NAT-D (130) + NAT-D (130) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 444

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, processing ISA_KE payload

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, processing nonce payload

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, processing ID payload

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, processing VID payload

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, Received xauth V6 VID

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, processing VID payload

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, Received DPD VID

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, processing VID payload

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, Received Fragmentation VID

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, IKE Peer included IKE fragmentation capability flags:  Main Mode:        True  Aggressive Mode:  False

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, processing VID payload

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, Received NAT-Traversal ver 02 VID

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, processing VID payload

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, Received Cisco Unity client VID

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : IP = xx.xxx.109.1, Connection landed on tunnel_group q101-Radius

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, processing IKE SA payload

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, IKE SA Proposal # 1, Transform # 1 acceptable  Matches global IKE entry # 1

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, constructing ISAKMP SA payload

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, constructing ke payload

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, constructing nonce payload

<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: Mar 04 16:42:28 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:28: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, constructing Fragmentation VID + extended capabilities payload

<190>Mar 04 2011 16:42:29: %ASA-6-302015: Built inbound UDP connection 1852251 for The.Cloud:xx.xxx.109.1/61608 (xx.xxx.109.1/61608) to NP Identity Ifc:xx.xxx.xx.102/4500 (xx.xxx.xx.102/4500)

<191>Mar 04 2011 16:42:29: %ASA-7-713236: IP = xx.xxx.109.1, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + HASH (8) + NOTIFY (11) + NAT-D (130) + NAT-D (130) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 168

<191>Mar 04 2011 16:42:29: %ASA-7-715047: Group = q101-Radius, IP = xx.xxx.109.1, processing hash payload

<191>Mar 04 2011 16:42:29: %ASA-7-715076: Group = q101-Radius, IP = xx.xxx.109.1, Computing hash for ISAKMP

<191>Mar 04 2011 16:42:29: %ASA-7-715047: Group = q101-Radius, IP = xx.xxx.109.1, processing notify payload

<191>Mar 04 2011 16:42:29: %ASA-7-715047: Group = q101-Radius, IP = xx.xxx.109.1, processing NAT-Discovery payload

<191>Mar 04 2011 16:42:29: %ASA-7-713906: Group = q101-Radius, IP = xx.xxx.109.1, computing NAT Discovery hash

<191>Mar 04 2011 16:42:29: %ASA-7-715047: Group = q101-Radius, IP = xx.xxx.109.1, processing NAT-Discovery payload

<191>Mar 04 2011 16:42:29: %ASA-7-713906: Group = q101-Radius, IP = xx.xxx.109.1, computing NAT Discovery hash

<191>Mar 04 2011 16:42:29: %ASA-7-715047: Group = q101-Radius, IP = xx.xxx.109.1, processing VID payload

<191>Mar 04 2011 16:42:29: %ASA-7-715038: Group = q101-Radius, IP = xx.xxx.109.1, Processing IOS/PIX Vendor ID payload (version: 1.0.0, capabilities: 00000408)

<191>Mar 04 2011 16:42:29: %ASA-7-715047: Group = q101-Radius, IP = xx.xxx.109.1, processing VID payload

<191>Mar 04 2011 16:42:29: %ASA-7-715049: Group = q101-Radius, IP = xx.xxx.109.1, Received Cisco Unity client VID

<190>Mar 04 2011 16:42:29: %ASA-6-713172: Group = q101-Radius, IP = xx.xxx.109.1, Automatic NAT Detection Status:     Remote end   IS   behind a NAT device     This   end is NOT behind a NAT device

<191>Mar 04 2011 16:42:29: %ASA-7-715046: Group = q101-Radius, IP = xx.xxx.109.1, constructing blank hash payload

<191>Mar 04 2011 16:42:29: %ASA-7-715046: Group = q101-Radius, IP = xx.xxx.109.1, constructing qm hash payload

<191>Mar 04 2011 16:42:29: %ASA-7-713236: IP = xx.xxx.109.1, IKE_DECODE SENDING Message (msgid=a3b1d4ff) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 72

<191>Mar 04 2011 16:42:29: %ASA-7-711001: Mar 04 16:42:29 [IKEv1]
<191>Mar 04 2011 16:42:29: %ASA-7-710005: UDP request discarded from xx.xxx.109.1/61608 to The.Cloud:xx.xxx.xx.102/4500

<191>Mar 04 2011 16:42:29: %ASA-7-711001: : IP = xx.xxx.109.1, IKE_DECODE RECEIVED Message (msgid=0) with payloads : HDR + HASH (8) + NOTIFY (11) + NAT-D (130) + NAT-D (130) + VENDOR (13) + VENDOR (13) + NONE (0) total length : 168

<191>Mar 04 2011 16:42:29: %ASA-7-711001: Mar 04 16:42:29 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:29: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, processing hash payload

<191>Mar 04 2011 16:42:29: %ASA-7-711001: Mar 04 16:42:29 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:29: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, Computing hash for ISAKMP

<191>Mar 04 2011 16:42:29: %ASA-7-711001: Mar 04 16:42:29 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:29: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, processing notify payload

<191>Mar 04 2011 16:42:29: %ASA-7-711001: Mar 04 16:42:29 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:29: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, processing NAT-Discovery payload

<191>Mar 04 2011 16:42:29: %ASA-7-711001: Mar 04 16:42:29 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:29: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, computing NAT Discovery hash

<191>Mar 04 2011 16:42:29: %ASA-7-711001: Mar 04 16:42:29 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:29: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, processing NAT-Discovery payload

<191>Mar 04 2011 16:42:29: %ASA-7-711001: Mar 04 16:42:29 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:29: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, computing NAT Discovery hash

<191>Mar 04 2011 16:42:29: %ASA-7-711001: Mar 04 16:42:29 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:29: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, processing VID payload

<191>Mar 04 2011 16:42:29: %ASA-7-711001: Mar 04 16:42:29 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:29: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, Processing IOS/PIX Vendor ID payload (version: 1.0.0, capabilities: 00000408)

<191>Mar 04 2011 16:42:29: %ASA-7-711001: Mar 04 16:42:29 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:29: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, processing VID payload

<191>Mar 04 2011 16:42:29: %ASA-7-711001: Mar 04 16:42:29 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:29: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, Received Cisco Unity client VID

<191>Mar 04 2011 16:42:29: %ASA-7-711001: Mar 04 16:42:29 [IKEv1]
<191>Mar 04 2011 16:42:29: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, Automatic NAT Detection Status:     Remote end   IS   behind a NAT device     This   end is NOT behind a NAT device

<191>Mar 04 2011 16:42:29: %ASA-7-711001: Mar 04 16:42:29 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:29: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, constructing blank hash payload

<191>Mar 04 2011 16:42:29: %ASA-7-711001: Mar 04 16:42:29 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:29: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, constructing qm hash payload

<191>Mar 04 2011 16:42:29: %ASA-7-711001: Mar 04 16:42:29 [IKEv1]
<191>Mar 04 2011 16:42:29: %ASA-7-711001: : IP = xx.xxx.109.1, IKE_DECODE SENDING Message (msgid=a3b1d4ff) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 72

<191>Mar 04 2011 16:42:31: %ASA-7-609001: Built local-host The.Cloud:192.58.128.30

<190>Mar 04 2011 16:42:31: %ASA-6-302015: Built outbound UDP connection 1852252 for The.Cloud:192.58.128.30/53 (192.58.128.30/53) to q101.Internal:10.10.1.2/1057 (xx.xxx.xx.102/1696)

<191>Mar 04 2011 16:42:31: %ASA-7-609001: Built local-host The.Cloud:156.154.101.3

<190>Mar 04 2011 16:42:31: %ASA-6-302015: Built outbound UDP connection 1852253 for The.Cloud:156.154.101.3/53 (156.154.101.3/53) to q101.Internal:10.10.1.2/1057 (xx.xxx.xx.102/1696)

<191>Mar 04 2011 16:42:31: %ASA-7-609002: Teardown local-host The.Cloud:192.58.128.30 duration 0:00:00

<191>Mar 04 2011 16:42:31: %ASA-7-609001: Built local-host The.Cloud:132.185.132.21

<190>Mar 04 2011 16:42:31: %ASA-6-302015: Built outbound UDP connection 1852254 for The.Cloud:132.185.132.21/53 (132.185.132.21/53) to q101.Internal:10.10.1.2/1057 (xx.xxx.xx.102/1696)

<190>Mar 04 2011 16:42:31: %ASA-6-302016: Teardown UDP connection 1852253 for The.Cloud:156.154.101.3/53 to q101.Internal:10.10.1.2/1057 duration 0:00:00 bytes 222

<191>Mar 04 2011 16:42:31: %ASA-7-609002: Teardown local-host The.Cloud:156.154.101.3 duration 0:00:00

<190>Mar 04 2011 16:42:31: %ASA-6-302016: Teardown UDP connection 1852254 for The.Cloud:132.185.132.21/53 to q101.Internal:10.10.1.2/1057 duration 0:00:00 bytes 100

<191>Mar 04 2011 16:42:31: %ASA-7-609002: Teardown local-host The.Cloud:132.185.132.21 duration 0:00:00

<191>Mar 04 2011 16:42:31: %ASA-7-609001: Built local-host The.Cloud:69.31.97.153

<190>Mar 04 2011 16:42:31: %ASA-6-305011: Built dynamic TCP translation from q101.Internal:10.10.1.4/1579 to The.Cloud:xx.xxx.xx.102/6118

<190>Mar 04 2011 16:42:31: %ASA-6-302013: Built outbound TCP connection 1852255 for The.Cloud:69.31.97.153/80 (69.31.97.153/80) to q101.Internal:10.10.1.4/1579 (xx.xxx.xx.102/6118)

<191>Mar 04 2011 16:42:31: %ASA-7-609001: Built local-host The.Cloud:198.63.194.83

<190>Mar 04 2011 16:42:31: %ASA-6-305011: Built dynamic TCP translation from q101.Internal:10.10.1.4/1580 to The.Cloud:xx.xxx.xx.102/6119

<190>Mar 04 2011 16:42:31: %ASA-6-302013: Built outbound TCP connection 1852256 for The.Cloud:198.63.194.83/80 (198.63.194.83/80) to q101.Internal:10.10.1.4/1580 (xx.xxx.xx.102/6119)

<191>Mar 04 2011 16:42:36: %ASA-7-713236: IP = xx.xxx.109.1, IKE_DECODE RECEIVED Message (msgid=a3b1d4ff) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 92

<191>Mar 04 2011 16:42:36: %ASA-7-715001: Group = q101-Radius, IP = xx.xxx.109.1, process_attr(): Enter!

<191>Mar 04 2011 16:42:36: %ASA-7-715001: Group = q101-Radius, IP = xx.xxx.109.1, Processing MODE_CFG Reply attributes.

<190>Mar 04 2011 16:42:36: %ASA-6-302015: Built outbound UDP connection 1852257 for q101.Internal:10.10.1.2/1645 (10.10.1.2/1645) to NP Identity Ifc:10.10.1.10/1025 (10.10.1.10/1025)

<191>Mar 04 2011 16:42:36: %ASA-7-711001: Mar 04 16:42:36 [IKEv1]
<191>Mar 04 2011 16:42:36: %ASA-7-711001: : IP = xx.xxx.109.1, IKE_DECODE RECEIVED Message (msgid=a3b1d4ff) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 92

<191>Mar 04 2011 16:42:36: %ASA-7-711001: Mar 04 16:42:36 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:36: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, process_attr(): Enter!

<191>Mar 04 2011 16:42:36: %ASA-7-711001: Mar 04 16:42:36 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:36: %ASA-7-711001: : Group = q101-Radius, IP = xx.xxx.109.1, Processing MODE_CFG Reply attributes.

<191>Mar 04 2011 16:42:36: %ASA-7-711001: radius mkreq: 0x26d

<191>Mar 04 2011 16:42:36: %ASA-7-711001: alloc_rip 0x4150270

<191>Mar 04 2011 16:42:36: %ASA-7-711001:     new request 0x26d --> 61 (0x4150270)

<191>Mar 04 2011 16:42:36: %ASA-7-711001: got user ''

<191>Mar 04 2011 16:42:36: %ASA-7-711001: got password

<191>Mar 04 2011 16:42:36: %ASA-7-711001: add_req 0x4150270 session 0x26d id 61

<191>Mar 04 2011 16:42:36: %ASA-7-711001: RADIUS_REQUEST

<191>Mar 04 2011 16:42:36: %ASA-7-711001: radius.c: rad_mkpkt

<191>Mar 04 2011 16:42:36: %ASA-7-711001:
RADIUS packet decode (authentication request)

<191>Mar 04 2011 16:42:36: %ASA-7-711001:
--------------------------------------

<191>Mar 04 2011 16:42:36: %ASA-7-711001: Raw packet data (length = 158).....

<191>Mar 04 2011 16:42:36: %ASA-7-711001: 01
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 3d
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 00
<190>Mar 04 2011 16:42:36: %ASA-6-113005: AAA user authentication Rejected : reason = AAA failure : server = 10.10.1.2 : user = vpn_user

<191>Mar 04 2011 16:42:36: %ASA-7-715046: Group = q101-Radius, Username = vpn_user, IP = xx.xxx.109.1, constructing blank hash payload

<191>Mar 04 2011 16:42:36: %ASA-7-715046: Group = q101-Radius, Username = vpn_user, IP = xx.xxx.109.1, constructing qm hash payload

<191>Mar 04 2011 16:42:36: %ASA-7-713236: IP = xx.xxx.109.1, IKE_DECODE SENDING Message (msgid=225254ac) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 72

<191>Mar 04 2011 16:42:36: %ASA-7-711001: 9e
<191>Mar 04 2011 16:42:36: %ASA-7-711001: d9
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 9e
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 7f
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 4c
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 95
<191>Mar 04 2011 16:42:36: %ASA-7-711001: aa
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 9b
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 38
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 11
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 76
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 77
<191>Mar 04 2011 16:42:36: %ASA-7-711001: e4
<191>Mar 04 2011 16:42:36: %ASA-7-711001:    | 
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: =
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 
<191>Mar 04 2011 16:42:36: %ASA-7-711001: L
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 8
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: v
<191>Mar 04 2011 16:42:36: %ASA-7-711001: w
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001:

<191>Mar 04 2011 16:42:36: %ASA-7-711001: 4d
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 02
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 13
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 50
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 01
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 0d
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 6b
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 79
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 6c
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 65
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 5f
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 6d
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 63
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 69
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 76
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 65
<191>Mar 04 2011 16:42:36: %ASA-7-711001:    | 
<191>Mar 04 2011 16:42:36: %ASA-7-711001: M
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: P
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: k
<191>Mar 04 2011 16:42:36: %ASA-7-711001: y
<191>Mar 04 2011 16:42:36: %ASA-7-711001: l
<191>Mar 04 2011 16:42:36: %ASA-7-711001: e
<191>Mar 04 2011 16:42:36: %ASA-7-711001: _
<191>Mar 04 2011 16:42:36: %ASA-7-711001: m
<191>Mar 04 2011 16:42:36: %ASA-7-711001: c
<191>Mar 04 2011 16:42:36: %ASA-7-711001: i
<191>Mar 04 2011 16:42:36: %ASA-7-711001: v
<191>Mar 04 2011 16:42:36: %ASA-7-711001: e
<191>Mar 04 2011 16:42:36: %ASA-7-711001:

<191>Mar 04 2011 16:42:36: %ASA-7-711001: 72
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 02
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 12
<191>Mar 04 2011 16:42:36: %ASA-7-711001: c3
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 4e
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 67
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 7d
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 43
<191>Mar 04 2011 16:42:36: %ASA-7-711001: ba
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 41
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 19
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 47
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 58
<191>Mar 04 2011 16:42:36: %ASA-7-711001: da
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 51
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 4e
<191>Mar 04 2011 16:42:36: %ASA-7-711001:    | 
<191>Mar 04 2011 16:42:36: %ASA-7-711001: r
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: N
<191>Mar 04 2011 16:42:36: %ASA-7-711001: g
<191>Mar 04 2011 16:42:36: %ASA-7-711001: }
<191>Mar 04 2011 16:42:36: %ASA-7-711001: C
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: A
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: G
<191>Mar 04 2011 16:42:36: %ASA-7-711001: X
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: Q
<191>Mar 04 2011 16:42:36: %ASA-7-711001: N
<191>Mar 04 2011 16:42:36: %ASA-7-711001:

<191>Mar 04 2011 16:42:36: %ASA-7-711001: c0
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 67
<191>Mar 04 2011 16:42:36: %ASA-7-711001: a5
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 05
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 06
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:36: %ASA-7-711001: b0
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 06
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 06
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 02
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 07
<191>Mar 04 2011 16:42:36: %ASA-7-711001:    | 
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: g
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001:

<191>Mar 04 2011 16:42:36: %ASA-7-711001: 06
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 01
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 1e
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 0f
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 39
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 39
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 2e
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 31
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 37
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 38
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 2e
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 37
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 30
<191>Mar 04 2011 16:42:36: %ASA-7-711001:    | 
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 32
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 32
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 3d
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 9
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 8
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 3a
<191>Mar 04 2011 16:42:36: %ASA-7-711001: -
<191>Mar 04 2011 16:42:36: %ASA-7-711001: i
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 2
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 63
<191>Mar 04 2011 16:42:36: %ASA-7-711001: Radius: Type = 2 (0x02) User-Password

<191>Mar 04 2011 16:42:36: %ASA-7-711001: }
<191>Mar 04 2011 16:42:36: %ASA-7-711001: C
<191>Mar 04 2011 16:42:36: %ASA-7-711001: Radius: Type = 30 (0x1E) Called-Station-Id

<191>Mar 04 2011 16:42:36: %ASA-7-711001: 1
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 39
<191>Mar 04 2011 16:42:36: %ASA-7-711001: Radius: Type = 66 (0x42) Tunnel-Client-Endpoint

<191>Mar 04 2011 16:42:36: %ASA-7-711001: 2
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 2
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 6f
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 75
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 72
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001:

<191>Mar 04 2011 16:42:36: %ASA-7-711001: 32
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 3
<191>Mar 04 2011 16:42:36: %ASA-7-711001: .
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 1
<191>Mar 04 2011 16:42:36: %ASA-7-711001: 0
<191>Mar 04 2011 16:42:36: %ASA-7-711001: aa
<191>Mar 04 2011 16:42:36: %ASA-7-711001: e5
<191>Mar 04 2011 16:42:36: %ASA-7-711001:   
<191>Mar 04 2011 16:42:36: %ASA-7-711001: : IP = xx.xxx.109.1, IKE_DECODE SENDING Message (msgid=225254ac) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 72

<191>Mar 04 2011 16:42:39: %ASA-7-710005: UDP request discarded from xx.xxx.109.1/61608 to The.Cloud:xx.xxx.xx.102/4500

<190>Mar 04 2011 16:42:39: %ASA-6-305012: Teardown dynamic TCP translation from q101.Internal:10.10.1.29/51680 to The.Cloud:xx.xxx.xx.102/6090 duration 0:02:30

<190>Mar 04 2011 16:42:39: %ASA-6-305012: Teardown dynamic TCP translation from q101.Internal:10.10.1.29/51681 to The.Cloud:xx.xxx.xx.102/6091 duration 0:02:30

<191>Mar 04 2011 16:42:44: %ASA-7-609001: Built local-host The.Cloud:208.85.40.80

<190>Mar 04 2011 16:42:44: %ASA-6-305011: Built dynamic TCP translation from q101.Internal:10.10.1.29/51686 to The.Cloud:xx.xxx.xx.102/6120

<190>Mar 04 2011 16:42:44: %ASA-6-302013: Built outbound TCP connection 1852258 for The.Cloud:208.85.40.80/80 (208.85.40.80/80) to q101.Internal:10.10.1.29/51686 (xx.xxx.xx.102/6120)

<191>Mar 04 2011 16:42:45: %ASA-7-713236: IP = xx.xxx.109.1, IKE_DECODE RECEIVED Message (msgid=225254ac) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 91

<191>Mar 04 2011 16:42:45: %ASA-7-715001: Group = q101-Radius, Username = vpn_user, IP = xx.xxx.109.1, process_attr(): Enter!

<191>Mar 04 2011 16:42:45: %ASA-7-715001: Group = q101-Radius, Username = vpn_user, IP = xx.xxx.109.1, Processing MODE_CFG Reply attributes.

<191>Mar 04 2011 16:42:45: %ASA-7-711001: Mar 04 16:42:45 [IKEv1]
<191>Mar 04 2011 16:42:45: %ASA-7-711001: : IP = xx.xxx.109.1, IKE_DECODE RECEIVED Message (msgid=225254ac) with payloads : HDR + HASH (8) + ATTR (14) + NONE (0) total length : 91

<191>Mar 04 2011 16:42:45: %ASA-7-711001: Mar 04 16:42:45 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:45: %ASA-7-711001: : Group = q101-Radius, Username = vpn_user, IP = xx.xxx.109.1, process_attr(): Enter!

<191>Mar 04 2011 16:42:45: %ASA-7-711001: Mar 04 16:42:45 [IKEv1 DEBUG]
<191>Mar 04 2011 16:42:45: %ASA-7-711001: : Group = q101-Radius, Username = vpn_user, IP = xx.xxx.109.1, Processing MODE_CFG Reply attributes.

<191>Mar 04 2011 16:42:45: %ASA-7-711001: radius mkreq: 0x26e

<191>Mar 04 2011 16:42:45: %ASA-7-711001: alloc_rip 0x4150270

<191>Mar 04 2011 16:42:45: %ASA-7-711001:     new request 0x26e --> 62 (0x4150270)

<191>Mar 04 2011 16:42:45: %ASA-7-711001: got user ''

<191>Mar 04 2011 16:42:45: %ASA-7-711001: got password

<191>Mar 04 2011 16:42:45: %ASA-7-711001: add_req 0x4150270 session 0x26e id 62

<191>Mar 04 2011 16:42:45: %ASA-7-711001: RADIUS_REQUEST

<191>Mar 04 2011 16:42:45: %ASA-7-711001: radius.c: rad_mkpkt

<191>Mar 04 2011 16:42:45: %ASA-7-711001:
RADIUS packet decode (authentication request)

<191>Mar 04 2011 16:42:45: %ASA-7-711001:
--------------------------------------

<191>Mar 04 2011 16:42:45: %ASA-7-711001: Raw packet data (length = 158).....

<191>Mar 04 2011 16:42:45: %ASA-7-711001: 01
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 3e
<190>Mar 04 2011 16:42:45: %ASA-6-113004: AAA user authentication Successful : server =  10.10.1.2 : user = vpn_user

<191>Mar 04 2011 16:42:45: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 9e
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 6f
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 7c
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 05
<190>Mar 04 2011 16:42:45: %ASA-6-113016: AAA credentials rejected : reason = AAA failure : server = 10.10.1.2 : user = vpn_user

<187>Mar 04 2011 16:42:45: %ASA-3-713167: Group = q101-Radius, Username = vpn_user, IP = xx.xxx.109.1, Remote peer has failed user authentication -  check configured username and password

<191>Mar 04 2011 16:42:45: %ASA-7-715065: Group = q101-Radius, Username = vpn_user, IP = xx.xxx.109.1, IKE TM V6 FSM error history (struct &0x907af58)  , :  TM_DONE, EV_ERROR-->TM_AUTH, EV_AUTH_FAIL-->TM_AUTH, NullEvent-->TM_AUTH, EV_DO_AUTH-->TM_WAIT_REPLY, EV_CHK_MSCHAPV2-->TM_WAIT_REPLY, EV_PROC_MSG-->TM_WAIT_REPLY, EV_HASH_OK-->TM_WAIT_REPLY, NullEvent

<191>Mar 04 2011 16:42:45: %ASA-7-715065: Group = q101-Radius, Username = vpn_user, IP = xx.xxx.109.1, IKE AM Responder FSM error history (struct &0x1d265a0)  , :  AM_DONE, EV_ERROR-->AM_TM_INIT_XAUTH_V6H, EV_TM_FAIL-->AM_TM_INIT_XAUTH_V6H, NullEvent-->AM_TM_INIT_XAUTH_V6H, EV_ACTIVATE_NEW_SA-->AM_TM_INIT_XAUTH_V6H, NullEvent-->AM_TM_INIT_XAUTH_V6H, EV_START_TM-->AM_TM_INIT_XAUTH, EV_START_TM-->AM_PROC_MSG3, EV_TEST_TM_H6

<191>Mar 04 2011 16:42:45: %ASA-7-713906: Group = q101-Radius, Username = vpn_user, IP = xx.xxx.109.1, IKE SA AM:5f891e07 terminating:  flags 0x0105c001, refcnt 0, tuncnt 0

<191>Mar 04 2011 16:42:45: %ASA-7-713906: Group = q101-Radius, Username = vpn_user, IP = xx.xxx.109.1, sending delete/delete with reason message

<191>Mar 04 2011 16:42:45: %ASA-7-715046: Group = q101-Radius, Username = vpn_user, IP = xx.xxx.109.1, constructing blank hash payload

<191>Mar 04 2011 16:42:45: %ASA-7-715046: Group = q101-Radius, Username = vpn_user, IP = xx.xxx.109.1, constructing IKE delete payload

<191>Mar 04 2011 16:42:45: %ASA-7-715046: Group = q101-Radius, Username = vpn_user, IP = xx.xxx.109.1, constructing qm hash payload

<191>Mar 04 2011 16:42:45: %ASA-7-713236: IP = xx.xxx.109.1, IKE_DECODE SENDING Message (msgid=6ccbdbac) with payloads : HDR + HASH (8) + DELETE (12) + NONE (0) total length : 80

<191>Mar 04 2011 16:42:45: %ASA-7-711001: 5a
<187>Mar 04 2011 16:42:45: %ASA-3-713902: Group = q101-Radius, Username = vpn_user, IP = xx.xxx.109.1, Removing peer from peer table failed, no match!

<188>Mar 04 2011 16:42:45: %ASA-4-713903: Group = q101-Radius, Username = vpn_user, IP = xx.xxx.109.1, Error: Unable to remove PeerTblEntry

<191>Mar 04 2011 16:42:45: %ASA-7-711001: 8b
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 68
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 81
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 26
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 67
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 14
<191>Mar 04 2011 16:42:45: %ASA-7-711001: bd
<191>Mar 04 2011 16:42:45: %ASA-7-711001: b2
<191>Mar 04 2011 16:42:45: %ASA-7-711001:    | 
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: >
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: o
<191>Mar 04 2011 16:42:45: %ASA-7-711001: |
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: Z
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: h
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: &
<191>Mar 04 2011 16:42:45: %ASA-7-711001: g
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001:

<191>Mar 04 2011 16:42:45: %ASA-7-711001: 03
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 80
<191>Mar 04 2011 16:42:45: %ASA-7-711001: b9
<191>Mar 04 2011 16:42:45: %ASA-7-711001: fe
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 01
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 0d
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 6b
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 79
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 6c
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 65
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 5f
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 6d
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 63
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 69
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 76
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 65
<191>Mar 04 2011 16:42:45: %ASA-7-711001:    | 
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: k
<191>Mar 04 2011 16:42:45: %ASA-7-711001: y
<191>Mar 04 2011 16:42:45: %ASA-7-711001: l
<191>Mar 04 2011 16:42:45: %ASA-7-711001: e
<191>Mar 04 2011 16:42:45: %ASA-7-711001: _
<191>Mar 04 2011 16:42:45: %ASA-7-711001: m
<191>Mar 04 2011 16:42:45: %ASA-7-711001: c
<191>Mar 04 2011 16:42:45: %ASA-7-711001: i
<191>Mar 04 2011 16:42:45: %ASA-7-711001: v
<191>Mar 04 2011 16:42:45: %ASA-7-711001: e
<191>Mar 04 2011 16:42:45: %ASA-7-711001:

<191>Mar 04 2011 16:42:45: %ASA-7-711001: 72
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 02
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 12
<191>Mar 04 2011 16:42:45: %ASA-7-711001: b3
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 74
<191>Mar 04 2011 16:42:45: %ASA-7-711001: f3
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 10
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 34
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 35
<191>Mar 04 2011 16:42:45: %ASA-7-711001: ca
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 94
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 08
<191>Mar 04 2011 16:42:45: %ASA-7-711001: ca
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 07
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 85
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 85
<191>Mar 04 2011 16:42:45: %ASA-7-711001:    | 
<191>Mar 04 2011 16:42:45: %ASA-7-711001: r
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: t
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 4
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 5
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001:

<191>Mar 04 2011 16:42:45: %ASA-7-711001: ae
<191>Mar 04 2011 16:42:45: %ASA-7-711001: a2
<191>Mar 04 2011 16:42:45: %ASA-7-711001: fb
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 05
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 06
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:45: %ASA-7-711001: b0
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 06
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 06
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 2e
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 9
<191>Mar 04 2011 16:42:45: %ASA-7-711001:

<191>Mar 04 2011 16:42:45: %ASA-7-711001: B
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 1c
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 69
<191>Mar 04 2011 16:42:45: %ASA-7-711001: u
<191>Mar 04 2011 16:42:45: %ASA-7-711001:    | 
<191>Mar 04 2011 16:42:45: %ASA-7-711001: =
<191>Mar 04 2011 16:42:45: %ASA-7-711001: Radius: Value (String) =

<191>Mar 04 2011 16:42:45: %ASA-7-711001: m
<191>Mar 04 2011 16:42:45: %ASA-7-711001: a2
<191>Mar 04 2011 16:42:45: %ASA-7-711001: fb
<191>Mar 04 2011 16:42:45: %ASA-7-711001: Radius: Length = 6 (0x06)

<191>Mar 04 2011 16:42:45: %ASA-7-711001:   
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 32
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001:   
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 70
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 3a
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 73
<191>Mar 04 2011 16:42:45: %ASA-7-711001: r
<191>Mar 04 2011 16:42:45: %ASA-7-711001: c
<191>Mar 04 2011 16:42:45: %ASA-7-711001: e
<191>Mar 04 2011 16:42:45: %ASA-7-711001: -
<191>Mar 04 2011 16:42:45: %ASA-7-711001:   
<191>Mar 04 2011 16:42:45: %ASA-7-711001:   
<191>Mar 04 2011 16:42:45: %ASA-7-711001:   
<191>Mar 04 2011 16:42:45: %ASA-7-711001:    | 
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 2
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 2
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 3
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 1
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 6f
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 7c
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 05
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 5a
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 8b
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 68
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 81
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 26
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 67
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 14
<191>Mar 04 2011 16:42:45: %ASA-7-711001:      skey 'q101'

<191>Mar 04 2011 16:42:45: %ASA-7-711001:      sip 10.10.1.2

<191>Mar 04 2011 16:42:45: %ASA-7-711001:      type 1

<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: >
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 02
<191>Mar 04 2011 16:42:45: %ASA-7-711001:    | 
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 37
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 01
<191>Mar 04 2011 16:42:45: %ASA-7-711001: d9
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 2c
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 90
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: :
<191>Mar 04 2011 16:42:45: %ASA-7-711001:

<191>Mar 04 2011 16:42:45: %ASA-7-711001: 1a
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 7
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 37
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 00
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 01
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 2c
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001:
--------------------------------------

<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: e1
<191>Mar 04 2011 16:42:45: %ASA-7-711001: f9
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 1b
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: .
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 2
<191>Mar 04 2011 16:42:45: %ASA-7-711001:    | 
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 0a
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 01
<191>Mar 04 2011 16:42:45: %ASA-7-711001:

<191>Mar 04 2011 16:42:45: %ASA-7-711001: 0
<191>Mar 04 2011 16:42:45: %ASA-7-711001:   
<191>Mar 04 2011 16:42:45: %ASA-7-711001: f2
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 0b
<191>Mar 04 2011 16:42:45: %ASA-7-711001:   
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 39
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 39
<191>Mar 04 2011 16:42:45: %ASA-7-711001: 1
<191>Mar 04 2011 16:42:45: %ASA-7-711001:    | 
<191>Mar 04 2011 16:42:45: %ASA-7-711001: ac
<191>Mar 04 2011 16:42:45: %ASA-7-711001: Raw packet data (length = 20).....

<191>Mar 04 2011 16:42:45: %ASA-7-711001: 3
<191>Mar 04 2011 16:42:45: %ASA-7-711001:

<191>Mar 04 2011 16:42:45: %ASA-7-711001: : Group = q101-Radius, Username = vpn_user, IP = xx.xxx.109.1, constructing IKE delete payload

<190>Mar 04 2011 16:42:47: %ASA-6-305012: Teardown dynamic TCP translation from q101.Internal:10.10.1.29/51685 to The.Cloud:xx.xxx.xx.102/6116 duration 0:00:30

group-policy VPN-Radius-GP external server-group VPN_Radius_Auth password aaaaaaaaaaaaaaaaaaaaaa

This is an external group-policy,  by definition this is a group-policy defined on the AAA server, so the ASA sends a radius access-request to retrieve the group-policy attributes.

see e.g. http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/vpngrp.html#wp1133706

If that is not what you want, then just delete the group-policy and use an internal one instead (like the "q101 VPN GP" you have).

hth

Herbert

I didnt realize someone else has posted here, I was just on my way back to post that same thing up.

The internal/external switch did exactly what you described.  I initially thought it did something else.

group-policy VPN-Radius-GP external server-group VPN_Radius_Auth password aaaaaaaaaaaaaaaaaaaaaa

The group policy is defined as external. ASA will send an access request for a user named VPN_Radius_Auth and try to download the group policy.