[cisco-nas] VPN Router configuration using RADIUS authentication problem

Souphonh Phounsavath souphonh at laopdr.com
Mon Aug 8 08:56:49 EDT 2005 

Dear Sir,

 

I have tried to configure Cisco VPN router to allow Windows client to use
PPTP to access to the VPN router. The authentication is using RADIUS.
However, I have problem to get the VPN router to authenticate user on RADIUS
database. The following is RADIUS debug:

 

00:38:54: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to up

00:38:56: AAA: parse name=Virtual-Access1 idb type=21 tty=-1

00:38:56: AAA: name=Virtual-Access1 flags=0x11 type=5 shelf=0 slot=0
adapter=0 p

ort=1 channel=0

00:38:56: AAA: parse name=<no string> idb type=-1 tty=-1

00:38:56: AAA/MEMORY: create_user (0x6291FC40) user='testbb' ruser='NULL'
ds0=0

port='Virtual-Access1' rem_addr='' authen_type=MSCHAP service=PPP priv=1
initial

_task_id='0'

00:38:56: AAA/AUTHEN/START (1798129222): port='Virtual-Access1' list=''
action=L

OGIN service=PPP

00:38:56: AAA/AUTHEN/START (1798129222): using "default" list

00:38:56: AAA/AUTHEN (1798129222): status = UNKNOWN

00:38:56: AAA/AUTHEN/START (1798129222): Method=radius (radius)

00:38:56: RADIUS: ustruct sharecount=1

00:38:56: Radius: radius_port_info() success=1 radius_nas_port=1

00:38:56: RADIUS: added cisco VSA 2 len 15 "Virtual-Access1"

00:38:56: RADIUS: Initial Transmit Virtual-Access1 id 22 202.136.240.5:1812,
Acc

ess-Request, len 155

00:38:56:         Attribute 4 6 CA88F201

00:38:56:         Attribute 5 6 00000001

00:38:56:         Attribute 26 23 0000000902115669

00:38:56:         Attribute 61 6 00000005

00:38:56:         Attribute 1 8 74657374

00:38:56:         Attribute 26 16 000001370B0A8A66

00:38:56:         Attribute 26 58 0000013701341901

00:38:56:         Attribute 6 6 00000002

00:38:56:         Attribute 7 6 00000001

00:38:56: RADIUS: Received from id 22 202.136.240.5:1812, Access-Reject, len
20

00:38:56: AAA/AUTHEN (1798129222): status = FAIL

00:38:56: AAA/MEMORY: free_user (0x6291FC40) user='testbb' ruser='NULL'
port='Vi

rtual-Access1' rem_addr='' authen_type=MSCHAP service=PPP priv=1

00:38:56: %LINK-3-UPDOWN: Interface Virtual-Access1, changed state to down

 

 

Please suggest what should I check.

 

Regards,

Souphonh

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-nas/attachments/20050808/22fcddb7/attachment.html

More information about the cisco-nas mailing list