VPN clients not connecting

Jun 17th, 2009

Folks - I have configured my ASA 5520 to talk to ACS Server v 4.1 to authenticate end users when connecting via VPN. ACS checks Active Directory for the user account, and if it exists, it authenticates the VPN user.

Just recently, I configured the same ACS Server to authenticate users against a generic LDAP database. So when I VPN in as a user whose account exists in the LDAP database, I am unable to connect through the Cisco VPN client. I get a message "Peer 433. Connection terminated by peer for unknown reason". However, the ACS logs indicate that the user was authenticated successfully against the LDAP database. There are enough IP addresses in the VPN pool, so I know that's not an issue.

I am wondering what else it could be.

Any ideas?


irisrios Tue, 06/23/2009 - 07:21

In order to resolve this issue, enable NAT Traversal (NAT-T) or IPsec over User Datagram Protocol (UDP) on the VPN Concentrator.

