09-06-2006 07:22 AM - edited 02-21-2020 10:16 AM
Have a small problem. My authentication server has an ip address of 192.168.105.10 (which I can ping via the concentrator). I can also ping the all interfaces on the concentrator from my pix and router. However, I cannot do a test authentication from the concentrator. I have double checked the group for Remote Users and all looks fine....I guess. I have attached the Filtered Event Log if anyone can help it would be greatly appreciated.
09-06-2006 10:01 AM
what kind of authentication server is that? Radius, LDAP??
09-06-2006 10:23 AM
NT Domain
09-06-2006 11:22 AM
Todd,
Based on the below log messages, looks like there is some reachability issue from the VPN3000 to the NT Domain.
31 09/06/2006 10:14:40.120 SEV=4 AUTH/9 RPT=86
Authentication failed: Reason = Network error
handle = 223, server = 192.168.105.10, user = dasjtk
Can you make sure that you ping the NT Domain Server from the VPN3000 and make sure TCP/139 is not blocked.
Also, make sure that you have right NT Domain Server and the server is configured with the default port of TCP/139.
I hope it helps.
Regards,
Arul
09-06-2006 01:17 PM
Issue was an access-list on my pix to allow access to the domain controller.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: