cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
767
Views
0
Helpful
4
Replies

Wireless PEAP authentication across VPN tunnel

hajoca
Level 1
Level 1

We are using the Cisco 871 series routers for VPN connectivity. I am testing the 871W for for VPN and wireless connectivity. I am able to get the VPN working but am having trouble with the wireless authentiction using PEAP and authentication via active directory. The problem is, my router cannot, because of the VPN connection, "talk" directly to my authentication server using the LAN ip address. I can get authentication to work if I pass the traffic through the internet, punching a hole in my firewall to complete the authentication process. This is not my preferred method. What can I do to get around may VPN access lists that are preventing my direct connectivity to my server?

1 Accepted Solution

Accepted Solutions

Are you able to ping the ip address of radius server through the tunnel ?

Try adding this :

ip radius source-interface BVI1

*Please rate if helped.

-Kanishka

View solution in original post

4 Replies 4

kaachary
Cisco Employee
Cisco Employee

Is the Authentication server located at the other end of the tunnel ?

Please provide a snippet of the relevant configuration so that we can suggest some changes.

-Kanishka

Attached is a portion of the configuration the way I would LIKE it to work. This configuration does not currently work. However, if I substitute a public IP address for my nas server (permitted through my firewall) it will work.

Are you able to ping the ip address of radius server through the tunnel ?

Try adding this :

ip radius source-interface BVI1

*Please rate if helped.

-Kanishka

JACKPOT! That did it! Thanks.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: