Re: VPN 3005 and Microsoft Radius Server (MS Internet Authentica

paulawong · ‎08-12-2002

Has anyone gotten Microsoft Radius Server (IAS) on NT to work with the

VPN 3005 Concentrator?

I am trying to configure the VPN 3005 to use our NT domain, which has the

Radius Server installed, to authentication users. In addition, to be able to

use the new feature called NT with Expiry. My VPN concentrator is at the latest

version to suppor this new feature, which allows a user, who's password has expired, to be able to change their password remotely while VPN'ing in.

Apprecate any help you can provide.

Thanks!

Paula

lnunez6 · ‎08-14-2002

Win2k IAS working with VPN 3000 concentrators.

Whats your IAS logs say \winnt\system32\logfiles\*.log

Make sure IAS is configured correctlly with

1. share secrets

2. IAS is registed in Active Directory (if you have one)

3. Configure Cisco VPN to Radius port 1812 for authentication

4. Configure Cisco VPN to Radius port 1813 for accounting.

hope this helps.

bderry · ‎09-10-2002

In IAS what is required in the reply to the VPN Concentrator to authenticate correctly. I know that when I was messing with the AAA stuff for IOS Routers that there was a certain AV Pair I had to include for it to work right.

Thanks,

Ben

jsalminen · ‎10-31-2002

I have implemented the exact system you are attempting. Unfortunately, you require MSCHAPv2 to provide password expiry/change capabilities which NT4 does not support. Windows 2000 server supports MSCHAPv2, plus a bunch of other authentication protocols.

m-keene · ‎01-01-2003

I got mine to work yesterday. On the Microsoft IAS when I made the client entry for the 3005, I selected "Microsoft" instead of Cisco or standard radius. This makes no sense, but for some reason it worked.

VPN 3005 and Microsoft Radius Server (MS Internet Authentication Server)