I have an ASA that is using ACS as the radius authentication server.
My problem is with VPN remote access.
When i configure group-policy external and use this policy as the default policy for the tunnel-group (i download the VPN attributes from the ACS), the ASA shows an authentication error, telling that the the username or pasword is not valid.
On the other hand, when i use only the command "authentication-server-group", the VPN works fine.
Does any body know why the group-policy external command is not working? I can't find any example on cisco.com