I am trying to setup our concentrator to allow PPTP VPN sessions using local authentication. I setup a pptp group on our concentrator and setup a local user which is associated with the group. I set the tunneling protocols to PPTP on both the group and user levels. I also set the respective PPTP Authentication Protocols under the PPTP/L2TP tab for the group. The problem I am running into is when I attempt to establish a connection from a Windows XP machine using the local user account I am not able to ever establish a connection. When I watch the Live Event Viewer it shows the following message ( User [pptpuser]disconnected.. failed authentication (MSCHAP-V2) ). What I take from this is as if the concentrator is still looking for Radius auth. Anyone have any suggestions on this?
I tried these 2 suggestions and the outcome is not as I expected. I think the issue I am having is due to how this concentrator was originally deployed and setup. If I move the Internal Authentication to the top of the list then Radius authentication fails. If I move Radius back to the top then Internal will fail. Historically the way users access VPN is the use radius and authenticate to the Base-Group which by default is set to Radius authentication. In previous implementations I have seen were the Base-Group is set to internal for authentication and then various groups are created in the concentrator and within those groups you specify them to auth via Radius server.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...