Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

VPN PPTP with Radius

Unanswered Question
Mar 16th, 2006
User Badges:

Hello All...

I´m configuring VPN PPTP on Cisco Router, and when I configure authentication LOCAL, it is work fine.

Now I want to use Radius Server, and I have this configuration:


aaa new-model


aaa authentication login default local

aaa authentication ppp VPNWEB group radius local

aaa authorization network VPNWEB group radius if-authenticated local


vpdn enable

vpdn ip udp ignore checksum


vpdn-group 1

! Default PPTP VPDN group


protocol pptp

virtual-template 1



interface Virtual-Template1

ip unnumbered FastEthernet0/1

peer default ip address pool VPNWEB-POOL

no keepalive

ppp encrypt mppe auto required

ppp authentication ms-chap ms-chap-v2 pap chap VPNWEB



radius-server host Y.Y.Y.Y auth-port 1812 acct-port 1813

radius-server key XXXXX


This is my configuration on cisco router. Is it correct?

I´m using Free Radius on Linux.

Thanks all...

Cassio Gomes

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
smalkeric Wed, 03/22/2006 - 11:01
User Badges:
  • Silver, 250 points or more

Few RADIUS servers support Microsoft Point-to-Point Encryption (MPPE). To use the vpdn group group-name ppp encryption mppe command in the PIX, the RADIUS server must support MPPE.

MPPE is supported only in some RADIUS servers (not in TACACS+ servers). Three RADIUS servers that support MPPE are:

Cisco Secure 2.5 and later


Microsoft IAS


This Discussion