VPN 3000 Concentrator-errors when testing Auth server for new group
We have a Cisco VPN 3000 Concerntrator and use Cisco Secure ACS for username and password authentication. I just recently found a problem when trying to create new groups in the concentrator. What happens when I add a new group, and add my Auth and Acct servers. When I try to log in with the VPN client I get conneted to the concentrator and prompted for a username and password, (as is usual) but when I enter the user/pass it fails every time. When I go back into the concentrator and test the Auth server it fails again and gives me the error "Authentication Error: No active server found". Here is where it gets complicated, when I select an older group that was created earlier and test the Auth server it works. I deleted one of the older groups and test the new groups auth server again, it works..
I'm dont think there is a limit to the amount of groups you can have acitve in the Concentrator beucase if there was I would think you would not be able to add new groups, which isnt the case. If anyone has any idea what this could be I would be very greatful. I have about 10 more groups that need to be added into the concentrator and I am really stuck. Thanks..
Re: VPN 3000 Concentrator-errors when testing Auth server for ne
I had a similar problem, although the situation with my aaa server was that you could create it globaly and test it and it would work fine, but then create a group and point the auth to it and it wouldn't work when you vpn in - same error as you have. Removing it and creating it at group level was even worse, it wouldn't even test, again the same error. I fought with it for a long while, even tried adding the internal auth server (that didn't work either), then the whole thing went quite strange indeed, half the user interface disappeared and everything. In the end we came to the conclusion that the software was corrupt, had it rma'd, and get a whole new vpnc - which like a dream first time out with exactly the same config, and we have had no problems at all since.
I'm not saying that yours is suffering a similar fate, but maybe you consider a software reinstall, as on the face of it there would appear to be no rhyme or reason to what is happening/happened
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :