
HOW TO ENABLE RADIUS OVER VPN

ciscoacs
Level 1

I have a site-to-site VPN with 2 PIX firewalls. The connection works fine, but when I try to use RADIUS/ACS for the SSH authentication instead of local, I receive these messages under logging:

710001: TCP access requested from x.1.61.12/4689 to inside:x.21.0.1/ssh

710002: TCP access permitted from x.1.61.12/4689 to inside:x.21.0.1/ssh

109002: Auth from 0.0.0.0/0 to x.1.61.12/0 failed (server x.1.202.17 failed) on interface outside

Does anyone know why this does not work? Also, why is this auth from 0.0.0.0 and not from the IP address of the firewall?

Thanks

Sam


ehirsel
Level 6

Can you post the relevant parts of the config, in particular the aaa-server and the aaa statements, as well as a general topology?

These can help me solve your issue.