Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

VPN 3000 Concentrator group = xxxx, status = Not-in-service?

Hi,

We have 3 radiusservers, when we put the 1.73 server on the top of the list in authentication servers it still authenticates with the 1.62 server. Which was earlier in the top of the list.

We can see that authentication takes place on the 1.62 and not on the 1.73. Als we checked the groups and which radius servers are configured there the 1.73 is on top.

Why does the concentrator not take 1.73?

We use image file vpn3000-4.7.2.F-k9.bin.

On the log of the concentrator we see:

22782 11/30/2007 11:21:50.130 SEV=4 AUTH/15 RPT=12693

Server name = x.x.1.73, type = RADIUS,

group = unimaas, status = Not-in-service

thx!

3 REPLIES

Re: VPN 3000 Concentrator group = xxxx, status = Not-in-service?

I would check the 1.73 IAS/RADIUS settings secret keys perhaps don't match with concentrator secret key settings causing it to authenticate through 1.62, you can actually test authentication within concentrator and 1.73 RADIUS and see if it does work for 1.73, try that.

HTH

Jorge

Community Member

Re: VPN 3000 Concentrator group = xxxx, status = Not-in-service?

Hi Jorge,

That I tried and it worked, but I solved the problem. Within a group radiusservers are defined the 1.62 had port nr udp 18xx but the 1.73 had the standard udp port. That caused the concentrator to fallback to the 1.62. I changed the udp port and it worked.

Thx,

Marc

Re: VPN 3000 Concentrator group = xxxx, status = Not-in-service?

Marc, thank you for posting your resolution.

Rgds

Jorge

378
Views
0
Helpful
3
Replies
CreatePlease to create content