Re: PIX IPsec Xauth to W2K IAS Radius Server

darren.foo · ‎03-14-2001

Has anyone had any luck getting this working? I followed the guidelines at http://www.cisco.com/warp/public/110/pixcryaaa52.html

but when I am prompted for the radius user/pass it fails. I checked the event logs and there's 2 entries... one that says successfully granted access, and then another at the same time saying that the username or password is wrong. I tried just using Radius authentication without IPSec, and it works. Anyone know what may be the problem?

s-doyle · ‎03-19-2001

It’s possible the PIX already cached the unsuccessful attempt. Try clearing the uauth table in the PIX and trying again.

jcronkwright · ‎06-27-2001

We have cleared the uauth table. We are trying to use the vpn 3000 2.5 client. Has anyone used this client with extended authorization to a 2000/radius server?

2d-ruttino · ‎07-31-2001

The only issue I ran into was that you need to set IAS to allow unencrypted passwords.

gattanasio · ‎04-24-2001

How do you give user and password. The only way it works is giving the domain/user and the password. Withouth the domain the authentication fails

darren.foo · ‎04-24-2001

You shouldn't have to use the DOMAIN\user syntax using xauth to IAS. Just create a rule like users with remote dial-in enabled are allowed.