VPN 3000 Concentrator group = xxxx, status = Not-in-service?

Unanswered Question
Nov 30th, 2007


We have 3 radiusservers, when we put the 1.73 server on the top of the list in authentication servers it still authenticates with the 1.62 server. Which was earlier in the top of the list.

We can see that authentication takes place on the 1.62 and not on the 1.73. Als we checked the groups and which radius servers are configured there the 1.73 is on top.

Why does the concentrator not take 1.73?

We use image file vpn3000-4.7.2.F-k9.bin.

On the log of the concentrator we see:

22782 11/30/2007 11:21:50.130 SEV=4 AUTH/15 RPT=12693

Server name = x.x.1.73, type = RADIUS,

group = unimaas, status = Not-in-service


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
JORGE RODRIGUEZ Fri, 11/30/2007 - 03:46

I would check the 1.73 IAS/RADIUS settings secret keys perhaps don't match with concentrator secret key settings causing it to authenticate through 1.62, you can actually test authentication within concentrator and 1.73 RADIUS and see if it does work for 1.73, try that.



MJonkers Fri, 11/30/2007 - 11:23

Hi Jorge,

That I tried and it worked, but I solved the problem. Within a group radiusservers are defined the 1.62 had port nr udp 18xx but the 1.73 had the standard udp port. That caused the concentrator to fallback to the 1.62. I changed the udp port and it worked.




This Discussion