Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
575
Views
0
Helpful
1
Replies

IOS VPN w/IAS RADIUS problem

Chris Driggers
Level 1
Level 1

‎12-04-2007 01:13 PM - edited ‎03-10-2019 03:33 PM

I set up a 2811 for a client vpn connection that authenticates against a Microsoft IAS server using Active Directory credentials. It was working fine up until recently.

The server was a 2003 Standard server on SP1. Immediately after upgrading to SP2, RADIUS authentication quit working. I verified that the versions of IAS b/w SP1 and SP2 indeed changed. NO CONFIGURATION CHANGES were made on either the router or the IAS service. When I attempt to login using RADIUS, the IAS service logs a successful attempt, but the client will timeout, as if it is no longer receiving a response from the IAS server.

Has anyone run into anything like this since SP2 came out? Everything is set up according to the Cisco ASA 7.X/IAS Server config guide.

Labels:
0 Helpful
1 Reply 1

srue
Level 7
Level 7

‎12-04-2007 07:57 PM

verify that your server is indeed sending the reply packet for radius access/accept.

install ethereal or network monitor on it to do so, and then filter out for the radius traffic.

if that comes back as good, run deb ip packet (w/ an acl) on the ios vpn router and see if it's receiving the radius packet.

check the normal windows stuff, including IAS settings. delete/recreate the NAS and policy settings.

0 Helpful
Customers Also Viewed These Support Documents