Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN 3000 Concentrator Authentication Error.

Hi Team,

I am facing the Authentication error in Concentrator.

Scenario :-

Concentrator is integrated with AD.

Error:-

---

2451 11/22/2009 13:20:35.550 SEV=3 AUTH/5 RPT=19132 86.62.198.251
Authentication rejected: Reason = Unspecified
handle = 396, server = 172.27.1.13, user = 23733, domain = <not specified>

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: VPN 3000 Concentrator Authentication Error.

Hi subashmbi,

Gotta following questions for you :-

1. Which authentication protocol is in use with AD ?

2. By any chance the user "23733" for whom you are seeing Authentication error, is a part of mulitple groups defined in AD ?

As a quick test., try to switch the VPN group to NT domain authentication and let me know how it goes...

If NT does not work then try LOCAL authentications.

Awaiting your response with answers to the questions asked above and the test results with NT and LOCAL ...

Regards

M

Mohit Paul CCIE-Security 35496 P.S Please do rate this post if you find it helpful to make it easier for others seeking answers to similar queries
4 REPLIES
Bronze

Re: VPN 3000 Concentrator Authentication Error.

Hi subashmbi,

Gotta following questions for you :-

1. Which authentication protocol is in use with AD ?

2. By any chance the user "23733" for whom you are seeing Authentication error, is a part of mulitple groups defined in AD ?

As a quick test., try to switch the VPN group to NT domain authentication and let me know how it goes...

If NT does not work then try LOCAL authentications.

Awaiting your response with answers to the questions asked above and the test results with NT and LOCAL ...

Regards

M

Mohit Paul CCIE-Security 35496 P.S Please do rate this post if you find it helpful to make it easier for others seeking answers to similar queries
New Member

Re: VPN 3000 Concentrator Authentication Error.

Hi,

Thanks for the update.

Answers are inline.

Gotta following questions for you :-

1. Which authentication protocol is in use with AD ?

Kerboros

2. By any chance the user "23733" for whom you are seeing Authentication error, is a part of mulitple groups defined in AD ?

Yes, If we create the new user with same group, it is working fine without error.

As a quick test., try to switch the VPN group to NT domain authentication and let me know how it goes...

If NT does not work then try LOCAL authentications.

Current scenario is using NT authentication with this group only some user (2-3) is facing problem .

Awaiting your response with answers to the questions asked above and the test results with NT and LOCAL ...

Regards

M

Bronze

Re: VPN 3000 Concentrator Authentication Error.

Hi Subash,


So it worked with NT as authentication except 2-3 users. Is that correct ?

Also, the new user you created, works fine for that group in AD using kerbros.

Please confirm both the points i have raised above.



Regards

M

Mohit Paul CCIE-Security 35496 P.S Please do rate this post if you find it helpful to make it easier for others seeking answers to similar queries
New Member

Re: VPN 3000 Concentrator Authentication Error.

Hi,

So it worked with NT as authentication except 2-3 users. Is that correct ?

Yes.

Also, the new user you created, works fine for that group in AD using kerbros.

Yes.

Please confirm both the points i have raised above.

Tomorrow i will try with local Authentication.

Rgds

Subash

584
Views
0
Helpful
4
Replies
CreatePlease to create content