Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
549
Views
4
Helpful
1
Replies

VPN3005 and ACS Problem

mnlatif
Level 3
Level 3

‎07-26-2005 10:53 PM - edited ‎03-10-2019 02:14 PM

Hi,

When using Cisco ACS as the RADIUS server, the authentication is being failed by the VPN Concentrator with the following message

"Authentication Rejected: Group password is not configured"

Even though the the ACS server send an Access-Accept back to the VPN concentrator but VPN concetrator still rejects the connect attempt.

If I replace the ACS server with a Windows IAS RADIUS server then Authentication is OK.

Is ACS server sending some kind of VSA to the VPN box, which causes the rejection ?

\\ Naman

Labels:
0 Helpful
1 Reply 1

didyap
Level 6
Level 6

‎08-01-2005 12:55 PM

The message " Authentication Rejected: Group password is not configured" is often seen when you're passing back a group name from the Radius server, and that Radius group doesn't exist on the VPN. Check the Radius attributes on the Radius server for the user you are testing with (and the ACS group that user is in), do you have attribute 25 (Class) checked, and is there a value for it similar to "OU=groupname;"? Also, on ACS make sure the concentrator is being defined as Radius (Cisco VPN 3000).

Customers Also Viewed These Support Documents