RE: Cisco 3640 WIN 2000 IAS [7:16408]

Fri, 17 Aug 2001 12:51:00 -0700 

Hi,

Access-reject means that Raidus/IAS doesn't like either the person/username
or the client that is trying to authenticate... whether it is a bad username
or the configuration for the radius client is not setup on the server
correctly.  (I have found that IAS is really picky about the ip address.)

ie) 10.09.9.3 configured as the client on the server, will give you an error
(access-reject) if the ip address of the client is 10.9.9.3.

Check your event logs on the IAS server.  This will give you a good idea of
what is not working/where to look for misconfiguration.

HTH,
Eric



-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 17, 2001 3:27 PM
To: [EMAIL PROTECTED]
Subject: Cisco 3640 WIN 2000 IAS [7:16408]


I am trying to get a users dialing into a 3640 to authenticate to a Win 2000
IAS Radius Server.
 
IAS log Shows the Access-Request on the first line then Access-Reject on the
Second line
Is this Access-Reject referring to the user or the router?
The Cisco Running the Cisco debug tell me it fails local and logon fails for
the Radius "IAS"
 
I have checked the ports and password on the IAS as well as the Cisco.
WIN 2000
Clinent Client-Vender = CISCO
Remote Access Polices In the advance settings I have added the vender
specific parameters for Cisco.
Authentication I started with Chap, then went to unencrypted PAP SPAP
 
CISCO
IOS (tm) 3600 Software (C3640-I-M), Version 12.1(8), RELEASE SOFTWARE (fc1)
aaa new-model

aaa authentication login default local

aaa authentication login no_radius enable

aaa authentication ppp default if-needed group radius

aaa authorization network default group radius

aaa accounting exec start_stop start-stop group radius

aaa accounting network start_stop start-stop group radius
 
radius-server host 10.108.1.6 auth-port 1645 acct-port 1646

radius-server retransmit 3

radius-server key AnDialRtr




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=16417&t=16408
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to