I am trying to authenticate users from a VPN Concentrator (3030) to our NT Domain. We are not running AD yet but we are required to use NTLMv2 authentication on the Domain.
I want to use ACS4.0 to authenticate Radius w/Expiry from the VPN concentrator and let ACS handle the NTLMv2 part.
In ACS I have defined my Domain in the External Users Database, I have defined the Unknown User Policy to use the Windows Database, and I have defined the Group Mapping to point to the default group.
When I run the Authentication test from the VPN setup screen I get a failed request.
In the CSAuth log I am getting:
AUTH 02/16/2006 15:13:42 E 0376 1572 External DB [NTAuthenDLL.dll]: Windows authentication FAILED (error 1326L)
AUTH 02/16/2006 15:13:42 E 0376 1572 External DB [NTAuthenDLL.dll]: Windows authentication FAILED (error 1326L)
With NTLMv2 turned off and running ACS 3.2 this setup is working (My production network) My only reason for upgrading to ACS4.0 was the NTLMv2 portion.
Does anyone have any advise? thanks!