Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
431
Views
0
Helpful
1
Replies

3005 and radius

andifur
Level 1
Level 1

‎03-12-2003 12:58 PM - edited ‎02-20-2020 09:20 PM

I am having problems getting raduis win2k to work with the 3005. I set the authentication server and was able to get authentication successfull, but when I set an Exteranl group I am getting erros. If I look in the event log its trying to authenticate the group name and not the user on the other side. So I created a user account and entered that as the group. I was able to authenticate to the raduis but the 3005 would not let me get past. We are using raduis on all of our cisco equipment, as5300's, routers, etc and nerver had a problem. Has some one experienced this before or is there a work around beside Internal groups that we would have to manage?

Thanks

Anthony

Labels:
0 Helpful
1 Reply 1

gfullage
Cisco Employee
Cisco Employee

‎03-12-2003 04:55 PM

If you just want to authenticate the users of this group to the Radius server, leave the Group set to Internal, go under the IPSec tab and set Authentication to Radius.

Setting the group to External means you want to configure the entire group parameters on the Radius server (you'll notice the configuration tabs disappear from the VPN3000 GUI). A Win2K Radius server doesn't have the ability to set all the different attributes for the group which is why it's failing.

Setting it to External works with a ACS server cause it has all the definable attributes, but even then not many people use it (I don't see any point in it personally). In general the wording on the screen just confuses people and they do what you've done.

0 Helpful
Customers Also Viewed These Support Documents