Vista resident VPN client unable to authenticate through ACS Server

Unanswered Question
Feb 19th, 2007

We have users attempting to connect to our VPN concentrator externally. It looks like the connection is made and then it is checking for username/password. After that it just does not connection [or authenticate] This points me to the ACS server the Concentrator is using for Radius. The ACS is version 3.3.

The ACS is set up to check against windows active directory. IT works fine with XP just not Vista...

Any ideas?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Vivek Santuka Tue, 02/20/2007 - 05:02

Hi,

Do you see any entry in failed attempts for the Vista clients ?

Regards,

Vivek

madlm Tue, 02/20/2007 - 16:27

I am getting an error on the ACS .. 'auth type not supported by External DB' ..

I am not using the Cisco client but the VPN client connection built into Vista.

Any ideas on the error?

madlm Tue, 02/20/2007 - 16:41

The ACS is set to query Active directory first then a linux ldap server IF the ACS cannot determine if they are in the cisco secure database

Vivek Santuka Wed, 02/21/2007 - 04:45

Hi,

Active Directory does not support Chap and LDAP does not support Chap/mschap.

Regards,

Vivek

madlm Fri, 02/23/2007 - 06:42

AD does support MSCHAP2 yes?

There must be other engineers or cases on file in cisco speaking to this issue or at least a best practice configuration to get the connection between the Vista built in client and authentication through the ACS...

Actions

This Discussion