Hello all,
I have IPSEC VPN clients terminating on the outside interface of a PIX 515 with a crypto map defined (crypto map mymap client auth test ) that attempts to authenticate the user using XAUTH to an inside Windows 2000 IAS Radius server.
When I try to connect from a remote VPN 3000 (3.5a) client, I am not prompted for username and password. It's as if the PIX cannot talk to the IAS Radius server.
If I disable the crypto map mymap client auth, the VPN connection is established without problems.
On the PIX, the log shows that it is constantly "ISAKMP (0): retransmitting phase 2..."
As a note, the inside interface of the PIX must talk to a Cisco 2621 in order to get to the true inside network. The Cisco 2621 has no access lists defined. The IAS Radius server exists behind the Cisco 2621.
Here is the actual setup:
IAS Radius Server ----- Cisco 2621 ---- Cisco PIX 515 --- Another Cisco 2621
I had this working without either Cisco 2621 in place. Now I'm not sure what's going on.
The IAS Radius server logs show nothing.
Please help.
Thanks,
Dean Davis