Dial up Authentication Issues

Unanswered Question
Oct 7th, 2008
User Badges:

Greetings,


I am attempting to set up a 2800 series router for dial up access. I would be using Windows XP to set up a connection, via the modem, to the router. I am able to reach the router and begin handshaking but when it goes to authenticate my user name and password, it fails. My ACS is showing the error message "Authentication type not supported by External DB." When I remove the "ppp authencation chap pap" line from the config, it connects without authenticating. I have having trouble trying to figure out exactly what the problem is and why won't it authenticate. Any help would be appreciated and let me know if you need anything else.


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jagdeep Gambhir Tue, 10/07/2008 - 08:40
User Badges:
  • Red, 2250 points or more

The message "auth type not supported by external database" means that the protocol you are using for the authentication that takes place between the end client and the NAS (network access server) is not supported by the end database.


Please see the compatibility chart.


http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs31/acsuser/o.htm#651


If you are using LDAP then Generic Ldap will only support PAP as authentication password protocol . It will not support Chap , Ms - chap and Ms chap v2 and you will get an error message "authentication type not suppoted by external DB " error message .


Regards,

~JG


Do rate helpful posts


bbinion80 Tue, 10/07/2008 - 09:45
User Badges:

Thank you very much, this chart has helped. I am able to get it to authenticate using PAP. I had one more question that maybe you can help with. I was going to try to get it to authenticate using ms chap v2. For some reason, that is not working while ms chap v1 is. When I was using chap, I could see in the ACS the failed attempts. While using ms-chap v2, I cannot. Any idea what could be causing this?


Thanks again for any help.

Jagdeep Gambhir Tue, 10/07/2008 - 10:44
User Badges:
  • Red, 2250 points or more

It depends on which database we are using. On acs make sure mschapv2 in enabled and make sure the protocol is supported as per the chart.



Regards,

~JG


Do rate helpful posts

bbinion80 Tue, 10/07/2008 - 11:44
User Badges:

I have MS-CHAP-v2 enabled under global authentication along with v1. Its still behaving the same way. I am authenticating against Active Directory so it does allow MS-CHAP-v2 according to the chart.

Actions

This Discussion