Cisco Support Community
Community Member

NAC (CAS/CAM) Configuration Question

I am having trouble with a CAS/CAM configuration. I have been testing a guest tunnel configuration with 2 Cisco wireless LAN controllers in the past. That has worked when I used a firewall on a PC, with 2 NICs to forward traffic for the guest tunnel.

I finally got the CAS and CAM servers in to take my demo to the next level. I have the servers racked and stacked and configured. Everything works as before except for the VPN testing, which is the most important part of the demo for these doctors.

My configuration in a nutshell is the guest tunnel from the wireless LAN controllers is terminated to the inside interface of the CAS server. The outside interface of the CAS server goes around my firewall and launches the guest tunnel on to the internet at my gateway. We are not using anything special for the VPN client; the docs just let Windows take care of that for them. The trouble symptom is that when the VPN icon is launched we see the connection to the VPN concentrator occur, but the process is always hanging on the password verification. I have allowed all through the CAS/CAM server and even specified UDP port 500, but I haven't been able to successfully launch the VPN session.

Any thoughts on my next steps or troubleshooting tips would be greatly appreciated.


Re: NAC (CAS/CAM) Configuration Question

Make sure that the NAC policy and the authentication proxy use the same intercept ACL. Problem might also be with SSL cert. Try reinstalling SSL cert. There might be a mismatch in domain. Install the certs on the Appliance, create username and then try to authenticate.
