radius authentication and Checkpoin/Nokia device

Unanswered Question
Jul 15th, 2007

hi,

I tried to authenticate and authorized Nokia/checkpoint Nortel/AD3 and Nortel 5510 platform using an 4.1 for windows ACS. the ACCESS-REQUEST is well processed bi the radius server wich send ACCESS-ACCEPT to the AAA Client (ie NORTEL or NOKIA), but i'have got access denied on the Client side.

RADIUS IETF Dictionnary is used for every device.

all others Cisco Devices authenticate and are well authorized.

I didn't found any documentation about this item.

best regards

Alai

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Premdeep Banga Sun, 07/15/2007 - 10:48

Hi Alai,

As you have segregated the issue to till the point that ACS indeed is sending ACCESS-ACCEPT.

Now to troubleshoot this issue. First I would recommend you to only turn on Authentication on Nokia/checkpoint Nortel/AD3 and Nortel 5510 and turn off authorization if configured on these devices. And then check if you are able to log in.

And the exact reason why your access was denied on those devices could only be found by turning some sort of debugs, which will tell you whay those devices denied the request, even though radius server allowed them. It could it was looking for some extra attribute, or it could be timeout issue, i.e. ACCESS-ACCEPT never reached that device etc etc.

But the real reason, if Radius server authenticated the user, could only be found from device debugs.

Regards,

Prem

Actions

This Discussion