Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Wireless PEAP authentication across VPN tunnel

We are using the Cisco 871 series routers for VPN connectivity. I am testing the 871W for for VPN and wireless connectivity. I am able to get the VPN working but am having trouble with the wireless authentiction using PEAP and authentication via active directory. The problem is, my router cannot, because of the VPN connection, "talk" directly to my authentication server using the LAN ip address. I can get authentication to work if I pass the traffic through the internet, punching a hole in my firewall to complete the authentication process. This is not my preferred method. What can I do to get around may VPN access lists that are preventing my direct connectivity to my server?

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Wireless PEAP authentication across VPN tunnel

Are you able to ping the ip address of radius server through the tunnel ?

Try adding this :

ip radius source-interface BVI1

*Please rate if helped.

-Kanishka

4 REPLIES
Cisco Employee

Re: Wireless PEAP authentication across VPN tunnel

Is the Authentication server located at the other end of the tunnel ?

Please provide a snippet of the relevant configuration so that we can suggest some changes.

-Kanishka

New Member

Re: Wireless PEAP authentication across VPN tunnel

Attached is a portion of the configuration the way I would LIKE it to work. This configuration does not currently work. However, if I substitute a public IP address for my nas server (permitted through my firewall) it will work.

Cisco Employee

Re: Wireless PEAP authentication across VPN tunnel

Are you able to ping the ip address of radius server through the tunnel ?

Try adding this :

ip radius source-interface BVI1

*Please rate if helped.

-Kanishka

New Member

Re: Wireless PEAP authentication across VPN tunnel

JACKPOT! That did it! Thanks.

284
Views
0
Helpful
4
Replies
CreatePlease to create content