Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

User Authentication via VPN Client to PIX

I have VPN Client 4 running and am able to connect and receive an IP from the PIX. The first issue I have is that the subnet mask assigned is Class B instead of Class C though this doesn't seem to affect the ability to ping machines on the inside LAN.

The real issue is I am not asked for any user authentication and cannot get Outlook to work. There is no TACACS in place. The authentication should go straight to the DNS/mail server.

What am I missing?

  • Other Security Subjects
2 REPLIES
Silver

Re: User Authentication via VPN Client to PIX

Can you ping the email server?

What email server package are you running? What OS is it running?

New Member

Re: User Authentication via VPN Client to PIX

The reason your subnet address may be different is because of how interesting traffic is configured. If you have internal network 192.168.1.0 255.255.255.0 and have configured your pool as 192.168.1.5-192.168.1.10 then it will show as 192.168.1.0 255.255.255.240, this is how it isolates x.5-x.10 as interesting traffic that should be protected by IPSec. If you are using the Cisco client and are not using RADIUS or TACACS, then the only "authentication" is your pre-share (The group name and the password). You can set up local authentication of you use pptp and the microsoft client. What authentication should go to the DNS server? DNS is used for name resolution, not authentication, so I'm a bit confused about what are are asking. WIth in the Cisco client you can select to log on to the Windows domain.

79
Views
0
Helpful
2
Replies
This widget could not be displayed.