I have a fully functional radius server that we use for authenticating with our wireless networks. That all works properly, so there are no issues with the server.
However now that I am trying to set up our ASA 5510 to authenticate witht the server, I keep getting the wollowing error:
ciscoasa# test aaa-server authentication IGBRADIUS host XXX.YYY.ZZZ.QQQ username XXXX password XXXX INFO: Attempting Authentication test to IP address <XXX.YYY.ZZZ.QQQ> (timeout: 10 seconds) ERROR: Authentication Server not responding: No error
The only curveball that I can see that I might be throwing on this is that the server will be on the public side of the VPN instead of the private as is shown in most of the howtos.
Re: authenticating to a vpn over a public interface
Thank you for everyone's help to this point. The vpn is contacting the radius server now, but it seems that the username/password fields are different than what the server is expecting, causing all authentication attempts to fail.
On our wireless, a standard radius authentication gives a line like:
Mon Jun 14 13:55:49 2010 : Auth: Login OK: [usera/] (from client 1e port 16650 cli 0024.367b.f707)
that no user-password attribute part is exactly like it appears in the logs, only username is changed there.
whereas when the vpn tries to contact the RADIUS server, I get the following
Mon Jun 14 13:55:42 2010 : Auth: Login incorrect: [username/password] (from client igbvpn port 20)
where the username and password are the actual username and password. Any suggestions?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...