Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Question on ipsec accounting with local authentication

I have a site with a 2811 in place for IPSEC based vpn client connections. The vpn configurations are based on local authentication, however, we would like to be able to log the VPN activity. From what I can tell, this will require a RADIUS server for the logging. Can I continue with local authentication on the 2811, but accounting to a RADIUS server on a Winodws 2003 Server?

I have the RADIUS server configured on the Windows server, but the debug isakmp aaa output shows errors trying to send the start record when a vpn session is established. I see nothing in any logs on the Windows server side.

Can anyone shed some light on the situation for me? Am I trying to accomplish the impossible? If it's possible, what am I missing?

Thank you in advance.


New Member

Re: Question on ipsec accounting with local authentication

Am I in the wrong section with this question? Or, is this questions so completely out there that nobody can even believe that I am asking it?

I would have thought that this would be a relatively easy configuration, but things don't appear to want to go the way that they do in the manual.

Any help would really be appreciated.

Thanks in advance,