Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN 3000 Concentrator-errors when testing Auth server for new group

We have a Cisco VPN 3000 Concerntrator and use Cisco Secure ACS for username and password authentication. I just recently found a problem when trying to create new groups in the concentrator. What happens when I add a new group, and add my Auth and Acct servers. When I try to log in with the VPN client I get conneted to the concentrator and prompted for a username and password, (as is usual) but when I enter the user/pass it fails every time. When I go back into the concentrator and test the Auth server it fails again and gives me the error "Authentication Error: No active server found". Here is where it gets complicated, when I select an older group that was created earlier and test the Auth server it works. I deleted one of the older groups and test the new groups auth server again, it works..

I'm dont think there is a limit to the amount of groups you can have acitve in the Concentrator beucase if there was I would think you would not be able to add new groups, which isnt the case. If anyone has any idea what this could be I would be very greatful. I have about 10 more groups that need to be added into the concentrator and I am really stuck. Thanks..

1 REPLY
New Member

Re: VPN 3000 Concentrator-errors when testing Auth server for ne

Hi

I had a similar problem, although the situation with my aaa server was that you could create it globaly and test it and it would work fine, but then create a group and point the auth to it and it wouldn't work when you vpn in - same error as you have. Removing it and creating it at group level was even worse, it wouldn't even test, again the same error. I fought with it for a long while, even tried adding the internal auth server (that didn't work either), then the whole thing went quite strange indeed, half the user interface disappeared and everything. In the end we came to the conclusion that the software was corrupt, had it rma'd, and get a whole new vpnc - which like a dream first time out with exactly the same config, and we have had no problems at all since.

I'm not saying that yours is suffering a similar fate, but maybe you consider a software reinstall, as on the face of it there would appear to be no rhyme or reason to what is happening/happened

HTH

183
Views
0
Helpful
1
Replies
CreatePlease to create content