Problem with communication between RADIUS server and 3080 Concentrator
I have a Cisco 3080 VPN concentrator. It is currently configured for Lan-to-Lan VPNs as well as IPSec clients. The client groups are configured to use IP address pools that are configured on the 3080 and their authentication is passed to the RADIUS server (ACS) where the user accounts are configured. I currently have 97 different groups configured and 12 Lan-to-Lan connections configured.
For all existing groups configured on the 3080 to use the RADIUS server for authentication, the authentication server test from the
3080 to the RADIUS works fine (authenticates successfully). However, I am trying to add a new group today and when I configure the authentication server for the new group and test to the RADIUS server using a valid account I receive an error of "An error has occurred whil attempting to perform the operation. AUTHENTICATION ERROR: No active server found." Any ideas as to why this would happen. The server secret is correct; I have checked and double checked and even deleted it and added it again. No change for this one new group that I am trying to add; all other groups are working fine and authentication is successful.
Any ideas, questions, comments would be more than appreciated. Thanks.
Re: Problem with communication between RADIUS server and 3080 Co
There are 2 places where the authentication server can be configured. There is a global definition of authentication server. And there is an option at the group level to specify the authentication server. Your symptoms suggest that the authentication server was configured at the group level for the groups that work and may not have been configured at the group level for your new group.
A way to check this would be to go to group configuration. Select one of the groups that does work. Then select the option for authentication server. If it shows a server configured then the solution is to select your new group, select the authentication server option and specify your authentication server.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...