Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
528
Views
0
Helpful
1
Replies

Radius Authentication through a Site-To-Site VPn

Joseph E Spoon
Level 1
Level 1

‎02-01-2015 10:21 AM - edited ‎03-10-2019 10:23 PM

I'm having issues getting RADIUS authentication to work from a remote router through a VPN tunnel back to the NPS server.

 

Diagram:

 

Remote Router -> VPN -> Main Router -> NPS

Doesn't Auth                      Does Auth

 

Remote Router Relevant config:

aaa new-model
!
!
aaa authentication login default group radius local
aaa authorization exec default group radius local
aaa authorization network default if-authenticated

!

ip radius source-interface Vlan1


!

radius-server host 192.168.1.2 key XXX

!

 

Main Router Relevant config
:

aaa new-model
!
!
aaa authentication login default group radius local
aaa authentication ppp default group radius local
aaa authorization exec default group radius local
aaa authorization network default if-authenticated


!

ip radius source-interface Vlan1


!

radius-server host 192.168.1.2 key XXX

 

Logs on the server suggest that it is permitting the username but I get access denied on the router.  Any help is much appreciated.

 

Thans

 

Labels:
0 Helpful
1 Reply 1

Joseph E Spoon
Level 1
Level 1

‎02-25-2015 04:49 AM

This turned out to be the key I was using for RADIUS.  It was 6 characters long.  Once I made it over 8 characters long it started working just fine.

 

Thanks

0 Helpful
Customers Also Viewed These Support Documents