[VPN] Cisco 3000 VPN Concentrator and RADIUS
David Goldsmith
dgoldsmith at sans.org
Fri Jan 24 14:20:37 EST 2003
I have a Cisco 3015 VPN Concentrator loaded with software version 3.6.7. Using
Internal authentication, I am able to have a client connect to the VPN and
establish a tunnel.
I am now trying to setup RADIUS authentication. The public interface of the
VPN is in the DMZ network. The RADIUS server is also in the DMZ. From the CLI,
I can successfully ping the RADIUS server. I have defined a RADIUS auth
server using port 1812. When I try the 'Test' option to see if RADIUS auth is
working, I get a timeout error that the server is unreachable. Running sniffers
on both the external and internal network segments reveals NO RADIUS traffic
leaving the VPN.
The following article from Cisco shows a similar configuration with the RADIUS
server in the DMZ in front of the VPN so this should work.
http://www.cisco.com/en/US/products/sw/secursw/ps2086/ (URL wraps)
products_configuration_example09186a0080094a03.shtml
Any ideas?
Thanks,
Dave Goldsmith
More information about the VPN
mailing list