Re: User authentication

cbroomes · ‎02-11-2002

I set up two 3015 VPN concentrators at different locations that authenticate users via the same RADIUS and LDAP servers. On one concetrator I can authenticate users that are listed in my LDAP directories in the user@domain format. This does not work on the other. Both concentrators are running the same software version (3.1.2) and are configured to authenticate the same way. What am I missing here?

ciscomoderator · ‎02-19-2002

Often times complex troubleshooting issues are best addressed in an interactive session with one of our trained technical assistance engineers. While other forum users may be able to help, it’s often difficult to do so for this type of issue.

To utilize the resources at our Technical Assistance Center, please visit http://www.cisco.com/tac and to open a case with one of our TAC engineers, visit http://www.cisco.com/tac/caseopen

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.

cbroomes · ‎02-25-2002

Nevermind. I resolved it with the help of a Cisco Sr. Engineer (Go Cisco!!!!). On the VPN web management page click Configuration --> System --> General --> Authentication. Make sure the "Enable Group Lookup" option is unchecked. You could also create a group named @whateverdomainyouwish in the User Management, Groups page. This creates a group the 3015 can check against. You then have to create teh same group in RADIUS to verify it so the 3015 can proceed to check the LDAP user database.