Configuring Cisco 3005 and Cisco VPN Client for EAP-TLS and certificates
I have a Cisco 3005, running version 4.1.7.M.
I want to set up EAP-TLS on the Cisco 3005 so that authentication passed through to a RADIUS server. For Radius, we are using a Microsoft IAS (Internet Authentication Service), which has been configured for EAP using a machine certificate. The IAS has been tested with WAPs configured for EAP-TLS and is working.
On the Cisco 3005, I have created a VPN group with the following settings:
- "EAP Proxy" enabled under PPTP and L2TP Authentication protocols
- defined a Radius authentication server (the one mentioned above) for that group.
Laptop has the following:
- Cisco VPN client v 4.8.01.0300
- user certificate
- machine certificate
- Windows XP Pro
Currently, the VPN connection from the client to the Cisco 3005 fails. There is nothing in the IAS log to indicate there was a connection from the Cisco 3005, either attempted, accepted or rejected.
What other settings are needed on the Cisco 3005? Is EAP-TLS the same as EAP Proxy?
How to configure the Cisco VPN Client?
Thanks in advance