I am having trouble with a CAS/CAM configuration. I have been testing a guest tunnel configuration with 2 Cisco wireless LAN controllers in the past. That has worked when I used a firewall on a PC, with 2 NICs to forward traffic for the guest tunnel.
I finally got the CAS and CAM servers in to take my demo to the next level. I have the servers racked and stacked and configured. Everything works as before except for the VPN testing, which is the most important part of the demo for these doctors.
My configuration in a nutshell is the guest tunnel from the wireless LAN controllers is terminated to the inside interface of the CAS server. The outside interface of the CAS server goes around my firewall and launches the guest tunnel on to the internet at my gateway. We are not using anything special for the VPN client; the docs just let Windows take care of that for them. The trouble symptom is that when the VPN icon is launched we see the connection to the VPN concentrator occur, but the process is always hanging on the password verification. I have allowed all through the CAS/CAM server and even specified UDP port 500, but I haven't been able to successfully launch the VPN session.
Any thoughts on my next steps or troubleshooting tips would be greatly appreciated.
Make sure that the NAC policy and the authentication proxy use the same intercept ACL. Problem might also be with SSL cert. Try reinstalling SSL cert. There might be a mismatch in domain. Install the certs on the Appliance, create username and then try to authenticate.