I have a site with a 2811 in place for IPSEC based vpn client connections. The vpn configurations are based on local authentication, however, we would like to be able to log the VPN activity. From what I can tell, this will require a RADIUS server for the logging. Can I continue with local authentication on the 2811, but accounting to a RADIUS server on a Winodws 2003 Server?
I have the RADIUS server configured on the Windows server, but the debug isakmp aaa output shows errors trying to send the start record when a vpn session is established. I see nothing in any logs on the Windows server side.
Can anyone shed some light on the situation for me? Am I trying to accomplish the impossible? If it's possible, what am I missing?
Thank you in advance.