Re: ASA5505 IPSec VPN authenticate with Windows 2008 server

who · ‎01-10-2013

Recently, I set a ASA5505 with Ipsec VPN. And I try AAA authenticate with internal Windows 2008 server. As docuemnt I read, I configure from ASDM authentication with "NT Domain". And then point to internal DC, which is Windows 2008 server. While I test it, it shows error

"Authentication test to host 192.168.xxx.xxx failed. Following error occurred --

ERROR: Authentication server not responding. No Error"

Any Helps are highly appriciated! Thanks!

Karsten Iwen · ‎01-10-2013

"NT Domain" is for Windows NT4 ...

I still go the "traditional" way and use RADIUS against the build in RADIUS-Server of Windows (Network Policy and Access Services). That works like a charm.

--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Haitham Jaradat · ‎01-10-2013

Hi
The message you are getting Most probably means the asa cannot reach the server or the admin account t used to access the server is invalid, can you capture the traffic between the ASA And the server and attach it here, to collect the capture "cap cap interface match ip host host "
Once you setup the capture test the aaa server and then export the capture in PCAP format by going to the URL Https:///capture/cap/pcap

Sent from Cisco Technical Support iPhone App

who · ‎01-11-2013

Thanks both Karsten and Haitham respond.

I will enable the capture and post resoult soon. Thanks again!

Please see attached file for captured data