03-31-2005 11:31 PM
Dear All,
I use Concentrator 3030 and VPN Clinet 3.6.6A. I have configured a Microsoft CA Server. The Concentraor and VPN Clinet has certificate imported.
When I connect to concentrator from client, the connection success immediately. But there is no user login pormpt for username and password.
Where can I enable the user login for this?
Thanks.
04-01-2005 12:26 AM
Hello,
Is the "group" configuration similar to this example?:
Is the user part of this group?
HTH,
Mustafa
04-01-2005 02:06 AM
Yes, the user is part of the group.
My config is similar except "Configuration > User Management > Groups; under the IPSec Tab, when I config the authentication to Internal, the connection failed. When I use None, the connection is ok without user login prompt.
Any mis-configuration?
Thanks.
04-02-2005 01:39 AM
Hi,
You should try to look under "Configuration | Policy Management | Certificate Group Matching | Rules" in order to "map" some of your certificate's attributes to the group you defined. Place the user in this group and you'll see that a screen "username|password" appears on the VPN client side.
You should try to use the Monitoring | Live Filter Log for very comprehensive messages on what happens during "handshaking" procedure between VPN client and VPN Concentrator.
Let me know if I can help you further.
TIA,
Mihai
04-20-2005 12:00 PM
Hi,
Do you have XAUTH enabled?
Under
Configuration | Tunneling and Security | IPSec | IKE Proposals | Modify
you should have enabled an "Authentication Mode" that supports eXtended authentication.
For example, Cisco Documentation says:
RSA Digital Certificate (XAUTH) = Use a digital certificate with keys generated by the RSA algorithm. Require user-based authentication via XAUTH.
Hope that helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide