Problem with Cisco 1721 + ACS 4.0 and VPND windows users auth

Unanswered Question
Oct 22nd, 2007


I used this example for making VPND server with radius auth for WinXP SP2 users -

But users cant pass auth - in ACS logs i see what everything is ok - status in passed auths is - Authen OK.

Debug output and config file are in attach.

Thanks in advanced.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Premdeep Banga Mon, 10/22/2007 - 03:52

debug indicate that radius is responding, and in debugs we can see,

"RADIUS: response-authenticator decrypt fail, pak len 126"

Device is somehow not able to decrypt the response. Generally its due to shared secret mismatch. But I don't think that's the case.

Please check if this applies,

CSCsh02500 : L2TPv2 calls fail when receiving hidden AVPs



hyperglobus Mon, 10/22/2007 - 21:44


1st - i checked key between cisco and ACS (because found a lot of examples of this error), after this i checked also users and passwords - because this group in ACS is maped to Windows AD.

L2TPv2 calls fail when receiving hidden AVPs ???


This Discussion