View Single Post
  #6  
Old 03-26-2013, 12:21 AM
rsuguna1 rsuguna1 is offline
Aspiring Member
 
Join Date: Mar 2013
Posts: 2
rsuguna1 has 10 reputation points
Default

I am able to authenticate thru the group name and in my radius server, receive access accept for the domain login credential entered in the vpn client. But I dont see that the radius server pass the attributes back to the vpn router. Also, the vpn client status shows as connecting.

below are my config in the router:


aaa
accounting network acct start_stop
accounting system rad2330 start_stop
authentication login iras radius/local
authentication protocols irasprtc pap
authorization commands auth local
tacacs
exit tacacs
enable
radius
primary_server
ipaddress xx.xx.xx.xxxx
shared_key password
time_out 100
retries 5
exit primary_server
secondary_server
exit secondary_server
exit radius
source-address xx.xx.xx.xx
exit aaa

interface ethernet 0/1
description Internet
ip address xx.xx.xx.xx
aaa
accounting network acct
authentication iras irasprtc
authorization auth
exit aaa
crypto untrusted
qos
module
exit module
chassis
exit chassis
exit qos
exit ethernet


ike policy vpnusers
local-address xx.xx.xx.xx
remote-id group-name "vpnusers" *****
proposal 1
dh-group group2
encryption-algorithm 3des-cbc
exit proposal
client configuration
address-pool 1 xx.xx.xx.xx xx.xx.xx.xx
private-side-address xx.xx.xx.xx
dns-server xx.xx.xx.xxxxxx
wins-server xx.xx.xx.xxxxxx
banner-enable
banner-text "Welcome!"
keepalive
enable
interval 60
exit keepalive
split-tunnel
mode enabled
network xx.xx.xx.xx
network xx.xx.xx.xx
exit split-tunnel
nat-keepalive 20
exit configuration
exit policy
ipsec policy vpnusers
proposal 1
lifetime seconds 3600
exit proposal
exit policy
exit contivity-iras

is there anything that im missing?

Thanks for the assistance!

su
Reply With Quote