VPN authentication error 427

Unanswered Question
Dec 16th, 2008
User Badges:

I have Altiga 3000 VPN concentrator trying to use RADIUS authentication on W2k3 boxes with IAS installed. Client is Cisco VPN version 4.8 and 5. Base group setup and logs in fine. When asking for user/pass, it always fails with error 427. looking at logs it thinks the username/password is wrong. If I try enough times, Active Directory will lock me out. I know user/pass is correct.

Windows event log shows user was denied access. Have tried this on various boxes setup for RADIUS configuration. Same error always.

Let me know what else info is needed.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
mchin345 Mon, 12/22/2008 - 14:52
User Badges:
  • Silver, 250 points or more

Make sure authentication password had expired and therefore was promptly disconnecting my tunnel after you supplied your login information; hence the 427 reason code. After you reset your password, then successfully authenticate and establish your vpn client connectivity. So, you might verify that your username and password for authentication are correct and/or not expired.

If that is not your issue, then I found this page that states that it could possibly be a IP address allocation issue from the vpn server/concentrator

firstbusey Tue, 12/30/2008 - 12:17
User Badges:

I am confused on the authentication password. Where is that set at? I have a shared secret between the concentrator and the RADIUS server, but that wouldn't expire.

Also, what page were you referring to? I did not see any link.


This Discussion