Change Authentication method in VPN 3000

Unanswered Question
Mar 8th, 2007

Hi,

i'm configuring a Cisco VPN 3000 Concentrator, and i already have configured my RADIUS IAS server. Authentication is OK, but only if i allow PAP method in the remote access policy of the RADIUS server. I don?t want to use that method, i would want to use MSCHAP but i don?t know how to do it.

This is the error in the event viewr when i try to access without allowing PAP:

--------------------------------

User elvirl01 was denied access.

Fully-Qualified-User-Name = ar.net/HESA/Usuarios/elvirl01

NAS-IP-Address = 172.17.24.31

NAS-Identifier = <not present>

Called-Station-Identifier = <not present>

Calling-Station-Identifier = <not present>

Client-Friendly-Name = Concentrador

Client-IP-Address = 172.17.24.31

NAS-Port-Type = Virtual

NAS-Port = <not present>

Proxy-Policy-Name = Use Windows authentication for all users

Authentication-Provider = Windows

Authentication-Server = <undetermined>

Policy-Name = HESA

Authentication-Type = PAP

EAP-Type = <undetermined>

Reason-Code = 66

Reason = The user attempted to use an authentication method that is not enabled on the matching remote access policy.

------------------------------

Please, can anybody help me??

Best regards,

Luis

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.

Actions

This Discussion