Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

3005 concentrator config

I am trying to configure a 3005 Concentrator for Kerberos or NT authentication for remote clients to access the network from home or on the road.

I would like to use the existing windows client if possible.

I have tried to configure per Cisco recommendations but do not understand a few things:

1. I can go to "Condifuration\System \Servers\Authentication" and test authentication successfully.

When I try to connect, the client makes a connection but the concentrator log shows nothing more than the connection and disconnect with no reason given.

The client end just shows trying to authenticate.

According to Cisco, I also need to configure "User Management\Groups" but when I configure that, I do not understand where the group name and password comes in to play. Why do I need that?

The concentrator log looks like the group I created is trying to authenticate to Active Directory.

Log show this and also show when I try to test the authentication at the group level:

31655 09/09/2006 14:26:13.650 SEV=4 AUTH/9 RPT=43

Authentication failed: Reason = No active server found

handle = 1013, server = (none), user = test

The cisco document on NT authentication also shows the group being created

1 REPLY
Anonymous
N/A

Re: 3005 concentrator config

Could you provide the Complete error message getting in the client. In USer Management group all users have pre-configured in the VPN Client. They authenticate into this group initially, and then are locked into a different group after user authentication. Define the group normally. Make sure you add the Drop All filter (that you just created) under the General tab. In order to use RADIUS authentication for users in this group, set the group's Type (under the Identity tab) to be Internal and Authentication (under the IPSec tab) to RADIUS. Make sure the Group Lock feature is not checked for this group.

551
Views
0
Helpful
1
Replies
CreatePlease login to create content