Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

VPNc 3000 Internal AND Radius authentication server problem

Hello All!

I have an ACS where I authenticate VPN user using Cisco vpn client. We tried PPTP with a group and a user local (internal) on the VPN concentrator and it doesn`t authenticate correctly...

I change the order of my authentication servers from RADIUS, INTERNAL to INTERNAL, RADIUS and the local authentication worked...

Is that a bug? In the doc it says "the first server of a given type is the primary and all other are backup" From my understanding it shoud work!!!

thanks

Release 3.6.3 is used

Ch

1 REPLY
Cisco Employee

Re: VPNc 3000 Internal AND Radius authentication server problem

With PPTP the first server listed in the Authentication Servers list is the one that's used. You can't define this per group cause there's no concept of a group in PPTP unlike when you use the VPN Client.

As for why it failed when using Radius, check the PPTP Encryption (MPPE) settings on the client. If they're "required", then you need to return encryption attributes from the Raidus sever for it to authenticate properly, otherwise the connection will be dropped.

See the following for details:

http://www.cisco.com/warp/public/471/pptp_vpn3k.html

http://www.cisco.com/warp/public/471/altigacsnt.html

120
Views
0
Helpful
1
Replies
CreatePlease to create content