Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

3000 Internal authentication problem


I am connecting to the concentrator fine with PPTP, the user that is failing is a HW client which is a GROUP, using a group name and user name that are different than me. When I set

"authentication" to none, the HW client connects. When I set "authentication" to INTERNAL, I get this in the EVENT log - [A user attempted to log on using only group credentials:]

I am using INTERNAL authentication. PPTP users do not have a problem, I think this is an IPSec issue of some kind.



Re: 3000 Internal authentication problem

If a Cisco VPN 3000 series concentrator is set up for internal authentication with only group accounts configured and no user accounts configured, then a VPN client logging in using PPTP or IPSEC user authentication succeeds by using a group name/password as login credentials. For VPN client connections using IPSEC user authentication, the Cisco VPN series concentrator will not allow the VPN client to use the same group name/password as what is configured in the VPN client's connection properties, but if another group account exists on the concentrator, then using its group name/password the VPN client can authenticate to the VPN concentrator. The Cisco VPN 3002 Hardware Client does not support PPTP or incoming connections and therefore is not vulnerable to this problem

CreatePlease to create content