VPN 3000 Concentrator Authentication Error.

Answered Question
Nov 22nd, 2009

Hi Team,

I am facing the Authentication error in Concentrator.

Scenario :-

Concentrator is integrated with AD.

Error:-

---

2451 11/22/2009 13:20:35.550 SEV=3 AUTH/5 RPT=19132 86.62.198.251
Authentication rejected: Reason = Unspecified
handle = 396, server = 172.27.1.13, user = 23733, domain = <not specified>

Correct Answer by mopaul about 7 years 3 months ago

Hi subashmbi,

Gotta following questions for you :-

1. Which authentication protocol is in use with AD ?

2. By any chance the user "23733" for whom you are seeing Authentication error, is a part of mulitple groups defined in AD ?

As a quick test., try to switch the VPN group to NT domain authentication and let me know how it goes...

If NT does not work then try LOCAL authentications.

Awaiting your response with answers to the questions asked above and the test results with NT and LOCAL ...

Regards

M

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
mopaul Sun, 11/22/2009 - 20:43

Hi subashmbi,

Gotta following questions for you :-

1. Which authentication protocol is in use with AD ?

2. By any chance the user "23733" for whom you are seeing Authentication error, is a part of mulitple groups defined in AD ?

As a quick test., try to switch the VPN group to NT domain authentication and let me know how it goes...

If NT does not work then try LOCAL authentications.

Awaiting your response with answers to the questions asked above and the test results with NT and LOCAL ...

Regards

M

subashmbi Mon, 11/23/2009 - 09:08

Hi,

Thanks for the update.

Answers are inline.

Gotta following questions for you :-

1. Which authentication protocol is in use with AD ?

Kerboros

2. By any chance the user "23733" for whom you are seeing Authentication error, is a part of mulitple groups defined in AD ?

Yes, If we create the new user with same group, it is working fine without error.

As a quick test., try to switch the VPN group to NT domain authentication and let me know how it goes...

If NT does not work then try LOCAL authentications.

Current scenario is using NT authentication with this group only some user (2-3) is facing problem .

Awaiting your response with answers to the questions asked above and the test results with NT and LOCAL ...

Regards

M

mopaul Mon, 11/23/2009 - 09:46

Hi Subash,


So it worked with NT as authentication except 2-3 users. Is that correct ?

Also, the new user you created, works fine for that group in AD using kerbros.

Please confirm both the points i have raised above.



Regards

M

subashmbi Mon, 11/23/2009 - 09:53

Hi,

So it worked with NT as authentication except 2-3 users. Is that correct ?

Yes.

Also, the new user you created, works fine for that group in AD using kerbros.

Yes.

Please confirm both the points i have raised above.

Tomorrow i will try with local Authentication.

Rgds

Subash

Actions

This Discussion