<(E-Mail Removed)> wrote in
news:35ec01c4aae0$42c5ec00$(E-Mail Removed):
> James, Thanks for your help on this issue. After re-
> reading the event log (carefully this time) I realized I
> needed to define a Connection Request Policy in addition
> to a Remote Access Policy. It's working fine now. Thanks
> again.
>
> Pete
>
>
> Here's what I'm getting in the System event log.
>
>
> User flastname was denied access.
> Fully-Qualified-User-Name = <undetermined>
> NAS-IP-Address = 10.110.255.15
> NAS-Identifier = <not present>
> Called-Station-Identifier = <not present>
> Calling-Station-Identifier = <not present>
> Client-Friendly-Name = Cisco 3005
> Client-IP-Address = 10.110.255.15
> NAS-Port-Type = Virtual
> NAS-Port = <not present>
> Proxy-Policy-Name = <none>
> Authentication-Provider = <undetermined>
> Authentication-Server = <undetermined>
> Policy-Name = <undetermined>
> Authentication-Type = <undetermined>
> EAP-Type = <undetermined>
> Reason-Code = 49
> Reason = The connection attempt did not match any
> connection request policy.
>
>
>
>
>>-----Original Message-----
>><(E-Mail Removed)> wrote in
>>news:3a6101c4a980$b4fa0a10$(E-Mail Removed):
>>
>>> I'm trying to use IAS as a RADIUS server for the Cisco
>>> VPN concentrator. I've created user accounts on the
>>> Windows 2003 server but I can't get them to
> successfully
>>> authenticate from the Cisco VPN concentrator. There are
>>> options in the Cisco box to test your RADIUS server and
>>> they fail when I try to do so.
>>>
>>>>-----Original Message-----
>>>>"Pete" <(E-Mail Removed)> wrote in news:1a8c01c4a7f0
> $e07f5f50
>>> $(E-Mail Removed):
>>>>
>>>>> I'm trying to use IAS on a Windows 2003 server in
>>>>> combination with a Cisco 3005 VPN Concentrator. I've
>>>>> successfully implemented this set up on a Windows
> 2000
>>>>> member server but can't make it work on a 2003 Domain
>>>>> Controller. I have the Authentication set to
>>> Unencrypted
>>>>> (PAP, SPAP) and the Encryption set to No Encryption
> in
>>>>> the Remote access policy.
>>>>>
>>>>> The domain is running in native mode. Any suggestions
>>> on
>>>>> what I'm missing?
>>>>>
>>>>
>>>>What are you trying to accomplish? If you want to
>>> provide Guest access, you
>>>>must enable the Guest account (or create an account you
>>> want to use as
>>>>Guest that has a different name.)
>>>>
>>>>If that is not your goal, please provide more
>>> information to make it clear
>>>>what your desired end-result will be.
>>>>
>>>>--
>>>>James McIllece, Microsoft
>>>>
>>>>Please do not send email directly to this alias. This
>>> is my online account
>>>>name for newsgroup participation only.
>>>>
>>>>This posting is provided "AS IS" with no warranties,
> and
>>> confers no rights.
>>>>.
>>>>
>>
>>Thanks for the additional info. Are you seeing any errors
> in the Event Log
>>on the IAS server? If so, can you please post the
> contents of the logs?
>>
>>It will be a good idea to double-check the shared secret
> between the IAS
>>server and the NAS. Also check to make sure the NAS is
> configured properly
>>as a RADIUS client on the IAS server, and that you have
> configured the VPN
>>concentrator to use RADIUS authentication.
>>
>>--
>>James McIllece, Microsoft
>>
>>Please do not send email directly to this alias. This is
> my online account
>>name for newsgroup participation only.
>>
>>This posting is provided "AS IS" with no warranties, and
> confers no rights.
>>.
>>
>
Hi Pete --
Glad you got it working and thanks for posting the log contents.
--
James McIllece, Microsoft
Please do not send email directly to this alias. This is my online account
name for newsgroup participation only.
This posting is provided "AS IS" with no warranties, and confers no rights.
|
Similar Threads
Linear Mode
