02-13-2012 01:38 AM
Hi all,
i'm tryng to configure a cisco router 3745 to act as vpn server for vpdn user access.
The router use windows 2003 Active Directory and IAS to authenticate the user access.
In our company we have two domain (domain1.domain.it and domain2.domain.it).
So, i've just configured the vpdn access for the first domain, and all is functioning well, with this configuration:
aaa new-model
!
aaa authentication ppp default group radius local
aaa authorization network default group radius local
!
vpdn enable
!
vpdn-group ITS-VPN
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
interface Virtual-Template1
ip unnumbered FastEthernet0/1
no peer default ip address
no keepalive
ppp encrypt mppe auto
ppp authentication pap chap ms-chap-v2
!
ip radius source-interface FastEthernet0/0
!
radius-server host 10.x.x.x auth-port 1645 acct-port 1646
radius-server key 7 ***********
As i said before with this configuration the router and vpdn user access are functioning very well.
The problem is that i have another domain, and i would like to add the vpdn access for this other domain.
For this other domain we have another domain controller (and so another IAS server) dedicated.
Is there a method to add another radius-server for the vpdn access of the users belonging to this other domain?
02-13-2012 09:49 AM
Try under "radius-server host" you maybe able to add another host ip address, one after another.
02-20-2012 05:50 AM
Thank you rizwanr74,
I tried the configuration you suggested me.
But now, when I try to connect a user belonging to the second domain, router return me immediately: Access-Reject and the process stops without making any check on the second radius server.
Why there is no check on the second radius server?
Thanks all for attention.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: