-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear list,
did anyone ever have a PIX using ASA 7.2.1 authenticate VPN users against an RSA Authentication Manager? Relevant (AFAIK) config parts as follows: - --->8--- aaa-server rsa protocol sdi reactivation-mode timed aaa-server rsa (inside) host 1.2.3.4 retry-interval 3 timeout 13 [...] tunnel-group nolight general-attributes address-pool deep authentication-server-group rsa default-group-policy somepolicy - ---8<--- The numbers from 'show aaa-server rsa' don't change at all once authentication requests initiate, everything stays zeroed. However, when using radius instead of sdi, the PIX suddenly decides to throw some packets towards the Authentication Manager. Using sdi/RSA instead makes Wireshark report silence on the wire... What am i missing here? Any pointers greatly appreciated. Best regards, sven03 - -- Mit freundlichen Gruessen i. A. Sven Juergensen Fachbereich Informationstechnologie KielNET GmbH Gesellschaft fuer Kommunikation Preusserstr. 1-9, 24105 Kiel Telefon : 0431 / 2219-053 Telefax : 0431 / 2219-005 E-Mail : [EMAIL PROTECTED] Internet: http://www.kielnet.de AS# 25295 Key fingerprint: 65B6 90FC 010A 39CE DCA5 336D 9C45 3B7A B02D E132 Geschaeftsfuehrer Eberhard Schmidt HRB 4499 (Amtsgericht Kiel) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFGqK71nEU7erAt4TIRAk1kAJ0RmatcV24bDjKIuI//alm0DjF5QwCfV03L 94Yw8cn5RLRbi/EFt0/7WeE= =nmE9 -----END PGP SIGNATURE----- _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/