I tried to authenticate and authorized Nokia/checkpoint Nortel/AD3 and Nortel 5510 platform using an 4.1 for windows ACS. the ACCESS-REQUEST is well processed bi the radius server wich send ACCESS-ACCEPT to the AAA Client (ie NORTEL or NOKIA), but i'have got access denied on the Client side.
RADIUS IETF Dictionnary is used for every device.
all others Cisco Devices authenticate and are well authorized.
Re: radius authentication and Checkpoin/Nokia device
As you have segregated the issue to till the point that ACS indeed is sending ACCESS-ACCEPT.
Now to troubleshoot this issue. First I would recommend you to only turn on Authentication on Nokia/checkpoint Nortel/AD3 and Nortel 5510 and turn off authorization if configured on these devices. And then check if you are able to log in.
And the exact reason why your access was denied on those devices could only be found by turning some sort of debugs, which will tell you whay those devices denied the request, even though radius server allowed them. It could it was looking for some extra attribute, or it could be timeout issue, i.e. ACCESS-ACCEPT never reached that device etc etc.
But the real reason, if Radius server authenticated the user, could only be found from device debugs.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...