I'm using Cisco doc #13831, by the name, "Locking Users into a VPN 3000 Concentrator Group usin ga RADIUS Server"
I've followed the directions therein, but I log into the "Everyone" group, and stay there; I'm never assigned to the proper group that is dictated by my RADIUS server. I've verified by verbose-logging on RADIUS, that the class attribute #25 is being returned in the 'authentication-accept' packet & is in the proper syntax as described in that doc. The doc doesn't explain whether the "Group Lock" feature must be used in the Everyone Group, or in the 'real' groups specified on the Concentrator.
Is anyone else using RADIUS to assign people to groups in the 3000-Series Concentrator?