Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Cisco Support Community site will be in read only mode on Dec14, 2017 from 12:01am PST to 11:30am for standard maintenance. Sorry for the inconvenience.

New Member

IAS Auth not working on Concentrator 3020 (-> MS-IAS on 2003)

Aborting: No identity cert specified in IPSec SA (Payload malformed)!

User (aaaa@111.company.com) not member of group (111.company.com), authe

ntication failed.

Situation:

we got Cisco concentrator 3005 (Rel4.1.7H) running.

Mixed user groups:

- some authenticated in TACACS

- some authenticated in MS-IAS/Radius (AD) on 2003

After HW upgrade to concentrator 3020 (config.-file copied 3005 -> 3020) above error message apears for all MS-IAS authentications, while TACACS works fine

Pls. any idea is more then welcome and urgently appreaciated

2 REPLIES
Bronze

Re: IAS Auth not working on Concentrator 3020 (-> MS-IAS on 2003

Aborting: No identity cert specified in IPSec SA (Payload malformed)!

This could be for several reasons regarding the cert (cert expired on one of them) or it may be because of try that the user did. So please ensure your certificate is valid.

New Member

Re: IAS Auth not working on Concentrator 3020 (-> MS-IAS on 2003

thank you for that reply. Unfortunately, the authentication is based on "shared secret". I ckecked all:on the new plattform: IKE proposal, IPSEC_SA proposals, but could not find the problem

Any other idea?

187
Views
0
Helpful
2
Replies
CreatePlease to create content