Ezvpn/RAvpn VTI with radius server

saxenanitesh8522 · ‎03-06-2012

Hi

I am trying to configure IOS RAvpn/EZvpn with radius server. My radius server is windows 2008 but i am not getting any success. Please if any can help me correct my configuration and guide me on windows 2008 server side it will be great.

Right now my radius server is working and with test aaa command i am able to authenticate.

Please find my configuration below

aaa authentication login EZVPN group radius

aaa authorization network EZVPN group radius

aaa accounting network default start-stop group radius

crypto isakmp policy 10

encr 3des

hash md5

authentication pre-share

group 2

!

crypto isakmp client configuration group vpngrp

key ttkvpn123

dns 8.8.8.8

pool POOL_EZVPN

acl ACL_EZVPN

max-logins 1

netmask 255.255.0.0

crypto isakmp profile ISAKMP_PROFILE_EZVPN

match identity group ttkvpngrp

client authentication list EZVPN

isakmp authorization list EZVPN

client configuration address respond

client configuration group vpngrp

virtual-template 1

crypto ipsec transform-set 3DES_MD5 esp-3des esp-md5-hmac

crypto ipsec transform-set TS_3DES_SHA esp-3des esp-sha-hmac

!

crypto ipsec profile EZVPN

set transform-set 3DES_MD5

!

crypto ipsec profile IPSEC_PROFILE_EZVPN

set transform-set TS_3DES_SHA

set isakmp-profile ISAKMP_PROFILE_EZVPN

interface Virtual-Template1 type tunnel

ip unnumbered FastEthernet0/0

tunnel mode ipsec ipv4

tunnel protection ipsec profile IPSEC_PROFILE_EZVPN

!

ip local pool POOL_EZVPN 10.10.1.65 10.10.1.121

Aaron Castro Sanchez · ‎11-24-2012

Hi,

Did you finally found solution for this?

Cheers,

Peter Koltl · ‎11-25-2012

Did you define the radius server in the config?

Perform a

"debug radius"

test

See this article for reference:

http://ltlnetworker.wordpress.com/2010/05/10/ios-easy-vpn-with-radius-and-aaa-cache-2/

(without the Authorization and Authentication Cache parts)