Router remote access using cisco acs configuration

Unanswered Question
Jun 14th, 2010
User Badges:

can anyone help me?

i have set up a test network for practice setting up a remote access
connection between a cisco vpn client and a cisco router using a cisco
secure acs (version 3.3) for authentication and authorization instead
of the local database, but i can't get it to work when i try to connect
using the vpn client i don't even get a username/password prompt, i belive
i have setup the acs server correctly and have added a user (see attachments)
but i have no idea if there is any further configuration that needs to be
done as a search of several books and the net has proved fruitless.

any help on this will be greatly appreciated


Melvyn Brown

i tried to use the radius protocol for authentication and authorization
but that did not work either.

Router config

access-list 101 permit ip

access-list 102 deny ip
access-list 102 permit ip any

ip local pool test-pool

crypto ipsec transform-set BOSTON esp-3des esp-md5-hmac

crypto isakmp client configuration group London
key cisco
pool test-pool
acl 101

aaa new-model

tacacs-server host
tacacs-server key secret1

aaa group server tacacs+ TACACS1

aaa authentication login userauthen group TACACS1
aaa authorization network groupauthor group TACACS1

crypto isakmp enable
crypto isakmp identity address

crypto isakmp policy 10
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400

crypto dynamic-map dynmap 10
set transform-set BOSTON

crypto map client1 client authentication list userauthen
crypto map client1 isakmp authorization list groupauthor

crypto map client1 client configuration address respond
crypto map client1 20 ipsec-isakmp dynamic dynmap

interface FastEthernet0/0
ip address
ip nat outside
crypto map client1
no shut

interface FastEthernet0/1
ip address
ip nat inside
no shut

route-map nonat permit 10
match ip address 102

ip nat inside source route-map nonat interface FastEthernet0/0 overload

ip route

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion