05-24-2004 09:33 AM - edited 03-10-2019 07:49 AM
Hello all, I have browsed through the postings on this issue and cannot succeed..any advise of the following:
VPNCLIENT is my group name
147.66.17.160 is my global address
0.0.0.0 -should the NAS be this -this is local so maybe??
10.7.125.1 -this is the 1701 inside ip address
NAS config is simple...I define the aaa commands and the radius ip and key.
both the NAS and the IAS are not registered on the dns so I am using the ip address. There is connectivity between these devices (PIX acls allow connectivity)
vpn users can get in using the local NAS database.
any help????
much appreciated...chris
config as follows: ADSL(1701)---PIX---MS IAS
vpn clients terminated on 1701. The MS IAS reports that username/passwords invalid. I have followed the example on the cisco website but no joy.
The password on the MS IAS and on the NAS are exactly the same.
The error on the system log on the IAS is as follows:
User VPNCLIENT was denied access.
Fully-Qualified-User-Name = PM1-EAS\VPNCLIENT
NAS-IP-Address = 0.0.0.0
NAS-Identifier = <not present>
Called-Station-Identifier = <not present>
Calling-Station-Identifier = 147.66.17.160
Client-Friendly-Name = tst
Client-IP-Address = 10.7.125.1
NAS-Port-Type = Virtual
NAS-Port = 500
Policy-Name = <undetermined>
Authentication-Type = PAP
EAP-Type = <undetermined>
Reason-Code = 16
Reason = There was an authentication failure because of an unknown user name or a bad password.
05-31-2004 10:55 AM
Any update on this ?
06-02-2004 12:45 PM
The problem is with the radius server. When you created the accounts on the ias server the are local accounts and in windows 2000/3 you have to permit them using the remote access policy. This should work if you change the remote access policy to permit. and store the password on the windows 2000/3 server in reversible encryption. That is important if not it won't work.
Hope this helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide