Folks - I have configured my ASA 5520 to talk to ACS Server v 4.1 to authenticate end users when connecting via VPN. ACS checks Active Directory for the user account, and if it exists, it authenticates the VPN user.
Just recently, I configured the same ACS Server to authenticate users against a generic LDAP database. So when I VPN in as a user whose account exists in the LDAP database, I am unable to connect through the Cisco VPN client. I get a message "Peer 433. Connection terminated by peer for unknown reason". However, the ACS logs indicate that the user was authenticated successfully against the LDAP database. There are enough IP addresses in the VPN pool, so I know that's not an issue.
I am wondering what else it could be.