Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

3005 and externally configured group authentication

Network:

NT 4.0 single domain network. (2 domain controllers)

Cisco 3005 VPN Concentrator Version 3.6

Client:

Version 3.6 on Windows 2000 Pro box

Problem:

I setup the VPN box with both an externally configured group (one of my standard NT groups ie. Domain Users) and an internal group (internally configured 'tester' group). Using the VPN client on my windows 2000 pro box, I can connect using the internally configured 'tester' account, but not the external accounts.

For the external group, I have:

1. Setup the group name EXACTLY as it appears in the NT Domain

2. Set a known password.

3. Set the Auth servers to be the NT servers (which when I test either domain controller, they both fail for some reason. Just to note: I have the same servers used in the 'Configuration | System | Servers | Authentication' section of the config. Both domain controllers pass the test in that section of the config)

When I try and connect using the externally configured group, I get a "remote peer is no longer responding" on the VPN client

Any ideas why my externally configured groups aren't working (or am I doing something fundamentally wrong?)

1 REPLY
Cisco Employee

Re: 3005 and externally configured group authentication

Are you doing the external group authentication thru a normal NT domain authentication on the concentrator. If so this is not the way to do it, you could only do the external group definition/authentication, using radius. See:

http://www.cisco.com/warp/customer/471/vpn_3000_auth.html#topic2

90
Views
0
Helpful
1
Replies
CreatePlease login to create content