tunnel authentication error

a.sanes
Level 1

Hi... When trying to get a user authenticated I get an authorization error from the RAS. The goal is to bring up an L2TP tunnel, sending the domain (user@domain) to the RADIUS server... According to the debug output the RADIUS accepts the authentication request, but afterwards an authentication error stops the RAS from receiving the tunnel attributes from the RADIUS.

Part of the debug output:

Oct 18 09:53:51: RADIUS: authenticating to get author data

Oct 18 09:53:51: RADIUS: ustruct sharecount=2

Oct 18 09:53:51: RADIUS: Initial Transmit Async179 id 6 10.10.10.10:1645, Access-Request, len 93

Oct 18 09:53:51: Attribute 4 6 AC11283C

Oct 18 09:53:51: Attribute 5 6 000000B3

Oct 18 09:53:51: Attribute 61 6 00000000

Oct 18 09:53:51: Attribute 1 13 76706E74

Oct 18 09:53:51: Attribute 30 6 38333232

Oct 18 09:53:51: Attribute 31 12 32313235

Oct 18 09:53:51: Attribute 2 18 51D06AEC

Oct 18 09:53:51: Attribute 6 6 00000005

Oct 18 09:53:51: RADIUS: Received from id 6 10.10.10.10:1645, Access-Accept, len 234

Oct 18 09:53:51: Attribute 11 12 6E667573

Oct 18 09:53:51: Attribute 7 6 00000001

Oct 18 09:53:51: Attribute 6 6 00000002

Oct 18 09:53:51: Attribute 27 6 00005451

Oct 18 09:53:51: Attribute 26 31 0000000901197670

Oct 18 09:53:51: Attribute 26 54 0000000901307670

Oct 18 09:53:51: Attribute 26 30 0000000901187670

Oct 18 09:53:51: Attribute 26 39 0000000901217670

Oct 18 09:53:51: Attribute 26 30 0000000901187670

Oct 18 09:53:51: RADIUS: saved authorization data for user 6272A1A0 at 624D093C

Oct 18 09:53:51: RADIUS: Bad attribute (unsupported attribute): type 11 len 12 data 0x6E667573

Oct 18 09:53:51: AAA/AUTHOR (901646460): Post authorization status = ERROR

Oct 18 09:53:51: Async179 AAA/AUTHOR/VPDN (901646460): Method=NOT_SET

Oct 18 09:53:51: Async179 AAA/AUTHOR/VPDN (901646460): no methods left to try

Oct 18 09:53:51: AAA/AUTHOR (901646460): Post authorization status = ERROR

Oct 18 09:53:51: AAA/MEMORY: free_user (0x6272A1A0) user='vpntest.net' ruser='' port='Async179' rem_addr='2125002365/8322' authen_type=NONE service=LOGIN priv=0

And the AAA configuration in the 5300 AS:

aaa authentication login default local group cs-servers

aaa authentication login vtystyle group tacacs-unired local

aaa authentication ppp default group unired-servers local

aaa authorization exec vtystyle group tacacs-unired local if-authenticated

aaa authorization commands 15 vtystyle group tacacs+ local

aaa authorization network default group unired-servers group cs-servers

The same domain is authenticated with the same group of servers (cs-servers) in the 5400 AS with no problem. Also, in the 5300 other clients are bringing up tunnels after being authenticated using the DNIS number and with the other group of RADIUS servers, "unired-servers".

Please, can someone give me a hint of what may be happening?

Thanks ahead

asanes
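
Added example, not part of the original post: a small Python decoder for the `Attribute <type> <len> <hex>` lines in the debug output above, using the attribute numbers from RFC 2865, which also reports which attribute the NAS flagged as bad. The function names are illustrative; the sample lines are copied from the post, and because the debug prints fewer value bytes than the declared length, shortened values are marked with `...`.

```python
import re
import socket

# Attribute numbers as assigned in RFC 2865; unknown types print as type-N.
NAMES = {1: "User-Name", 2: "User-Password", 4: "NAS-IP-Address",
         5: "NAS-Port", 6: "Service-Type", 7: "Framed-Protocol",
         11: "Filter-Id", 26: "Vendor-Specific", 27: "Session-Timeout",
         30: "Called-Station-Id", 31: "Calling-Station-Id", 61: "NAS-Port-Type"}
INTEGER, TEXT = {5, 6, 7, 27, 61}, {1, 11, 30, 31}
ATTR = re.compile(r"Attribute (\d+) (\d+) ([0-9A-Fa-f]+)\s*$")
BAD = re.compile(r"Bad attribute \(([^)]*)\): type (\d+) len (\d+)")

# Lines copied from the debug output in the post above.
SAMPLE = """\
Oct 18 09:53:51: Attribute 4 6 AC11283C
Oct 18 09:53:51: Attribute 11 12 6E667573
Oct 18 09:53:51: Attribute 26 31 0000000901197670
Oct 18 09:53:51: RADIUS: Bad attribute (unsupported attribute): type 11 len 12 data 0x6E667573
"""

def decode(atype, length, hexdata):
    raw = bytes.fromhex(hexdata)
    # Declared length includes the 2-byte type/length header; flag short dumps.
    cut = "..." if len(raw) < length - 2 else ""
    if atype == 4:
        value = socket.inet_ntoa(raw[:4])
    elif atype in INTEGER:
        value = int.from_bytes(raw[:4], "big")
    elif atype in TEXT:
        value = raw.decode("ascii", "replace") + cut
    elif atype == 26 and len(raw) >= 6:  # vendor id, sub-type, sub-length
        vendor, text = int.from_bytes(raw[:4], "big"), raw[6:].decode("ascii", "replace")
        value = f"vendor={vendor} subtype={raw[4]} sublen={raw[5]} data={text}{cut}"
    else:
        value = hexdata + cut
    return NAMES.get(atype, f"type-{atype}"), value

def analyse(lines):
    decoded, rejected = [], []
    for line in lines:
        attr, bad = ATTR.search(line), BAD.search(line)
        if attr:
            decoded.append(decode(int(attr[1]), int(attr[2]), attr[3]))
        elif bad:
            rejected.append((NAMES.get(int(bad[2]), f"type-{bad[2]}"), bad[1]))
    return decoded, rejected

if __name__ == "__main__":
    print(*analyse(SAMPLE.splitlines()), sep="\n")
```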
