02-19-2007 10:46 AM - edited 03-10-2019 02:59 PM
We have users attempting to connect to our VPN concentrator externally. It looks like the connection is made and then it is checking for username/password. After that it just does not connection [or authenticate] This points me to the ACS server the Concentrator is using for Radius. The ACS is version 3.3.
The ACS is set up to check against windows active directory. IT works fine with XP just not Vista...
Any ideas?
02-20-2007 05:02 AM
Hi,
Do you see any entry in failed attempts for the Vista clients ?
Regards,
Vivek
02-20-2007 11:28 AM
Hi,
I have the latest vista vpn client and I am able to connect through our VPN connectrator using ACS for authentication with AD. Check the logs on your ACS and try debugging ont he client itself.
02-20-2007 04:27 PM
I am getting an error on the ACS .. 'auth type not supported by External DB' ..
I am not using the Cisco client but the VPN client connection built into Vista.
Any ideas on the error?
02-20-2007 04:41 PM
The ACS is set to query Active directory first then a linux ldap server IF the ACS cannot determine if they are in the cisco secure database
02-21-2007 03:52 AM
Hi,
Can you try it without using MPPE encryption.
If it works, then you have to play around with authentication settings(MSCHAP v1 ,MSCHAP v2) on the Conc and on the client.
This link would help you :
http://cisco.com/en/US/tech/tk827/tk369/technologies_tech_note09186a0080094310.shtml
HTH,
-Kanishka
02-21-2007 04:45 AM
Hi,
Active Directory does not support Chap and LDAP does not support Chap/mschap.
Regards,
Vivek
02-23-2007 06:42 AM
AD does support MSCHAP2 yes?
There must be other engineers or cases on file in cisco speaking to this issue or at least a best practice configuration to get the connection between the Vista built in client and authentication through the ACS...
02-23-2007 11:37 AM
Hi,
AD supports MSchap but not Chap.
Regards,
Vivek
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide