Problem w/ Radius server (MS IAS) on Server 2003

[OmegaLS]

I am trying to create a Radius server so my Cisco 3005 Vpn concentrator can authenticate users thru, but Im having an issue authenticating the users. I followed the steps in this cisco article on building the Radius server and setting up the concentrator, but for some reason I think theres something I need to do thats not in there in regards to talking to the AD or something.

http://www.cisco.com/en/US/products...s_configuration_example09186a0080094700.shtml

I am doing this on a 2003 server, if that makes a difference but the only things I have done are was are listed in the article. Do I have to have routing and remote access running for this for the connection? I have no idea where to start trouble shooting this.

Thanks

 

[pathfndr96]

I'm having the exact problem. At first i thought there was a routing/firewall problem, but i used Ethereal to see where the traffic was going. If i go into the 3005, test authentication to the AAA server, I can see that the traffic is making it to the AAA server. Problem is...i'm receiving an ICMP Destination unreachable packet back from the AAA server.

Not that this was much help to you, but i don't think you are having a routing problem.

I do know that you have to grant Remote Access Permission in AD otherwise account won't be validated.

Will keep you posted.

 

[OmegaLS]

I have since fixed the issue, my problem was that when I was testing it using the test option in the 3005, I did not know that the test option was only using the protocal PAP and the server was set to only accept MSCHAPv2. Make sure to check your event logs on your radius server to see what exactly is going on. And enable all the different protocals on the radius server in your initial testings to see if you are having the same issues.