Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN PIX 515: User cannot access domain, only Radis server

I am trying to setup a VPN client into our network. I have a PIX 515 with 6.2(2) level of software. I have an NT 4.0 Domain with Radius. I can connect from the Internet and see the network, but I can only access the data on the Domain Server. No matter which userID I connect with.

What do I need to do to allow the userID to have access on the entire Domain, like the userID in the Domain?

2 REPLIES
New Member

Re: VPN PIX 515: User cannot access domain, only Radis server

what type of Radius Server are you using (Cisco ACS, NT IAS, etc)?

Do you have Split Tunnel ACL's in place on the PIX?

From the Client Side: When you look at the VPN Client Statistics after connecting do you see SA's (the key icons) forming for the subnets you are trying to reach?

From the PIX Side: what does 'show crypto ipsec sa' show?

New Member

Re: VPN PIX 515: User cannot access domain, only Radis server

We are using Radius on NT, the PDC.

Honestly, not sure if we have a split tunnel?

Result of firewall command: "show crypto ipsec sa"

interface: outside

Crypto map tag: outside_map, local addr. outside

I was speaking with a friend that has more experience with VPN than myself, and he stated that they had some similar issues. They were not using PIX, but the client PC needed to have the domain name in the Workgroup. When I did this to the client PC, I was able to connect with all the rights.

Any ideas or other things I should look at?

163
Views
0
Helpful
2
Replies