Hi,
Access-reject means that Raidus/IAS doesn't like either the person/username
or the client that is trying to authenticate... whether it is a bad username
or the configuration for the radius client is not setup on the server
correctly. (I have found that IAS is really picky about the ip address.)
ie) 10.09.9.3 configured as the client on the server, will give you an error
(access-reject) if the ip address of the client is 10.9.9.3.
Check your event logs on the IAS server. This will give you a good idea of
what is not working/where to look for misconfiguration.
HTH,
Eric
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 17, 2001 3:27 PM
To: [EMAIL PROTECTED]
Subject: Cisco 3640 WIN 2000 IAS [7:16408]
I am trying to get a users dialing into a 3640 to authenticate to a Win 2000
IAS Radius Server.
IAS log Shows the Access-Request on the first line then Access-Reject on the
Second line
Is this Access-Reject referring to the user or the router?
The Cisco Running the Cisco debug tell me it fails local and logon fails for
the Radius "IAS"
I have checked the ports and password on the IAS as well as the Cisco.
WIN 2000
Clinent Client-Vender = CISCO
Remote Access Polices In the advance settings I have added the vender
specific parameters for Cisco.
Authentication I started with Chap, then went to unencrypted PAP SPAP
CISCO
IOS (tm) 3600 Software (C3640-I-M), Version 12.1(8), RELEASE SOFTWARE (fc1)
aaa new-model
aaa authentication login default local
aaa authentication login no_radius enable
aaa authentication ppp default if-needed group radius
aaa authorization network default group radius
aaa accounting exec start_stop start-stop group radius
aaa accounting network start_stop start-stop group radius
radius-server host 10.108.1.6 auth-port 1645 acct-port 1646
radius-server retransmit 3
radius-server key AnDialRtr
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=16417&t=16408
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]