please give me a hand. I have a problem when authenticating across ASA 5520 via Radius to ACS appliance 4.0 via VPN. I need to configure secure authentication and NAC for VPN remote user. It just doesnt work but it works when using Tacacs so all the connection seems to be ok as ACS succesfully authenticate a remote VPN user via MS AD when using Tacacs. But I have read that I cant use NAC when using Tacacs, am I right? Logs on ASA and ACS indicate a problem with shared key but I have already double checked the key on both sides, IP address is the correct one on ASA and I have also tried all possible Radius methods on ASA. Any idea where could be a problem???
As you are using ACS 4.0, then make sure the AAA Client entry for ASA that you have created on ACS, if under a NDG, then make sure that there is no key on NDG level.
Other way, move ASA client entry as Radius on ACS to (Not Assigned) NDG on ACS.