Solved

RADIUS Issue

Posted on 2006-06-16
4
1,833 Views
Last Modified: 2013-11-16
I am trying to get RADIUS working when clients access a certain website, the setup is as follows:


[client]--------->[PIX 515e]----------->[webserver]
                              |
                              |
                              |
                     [Radius Server]


The way it should work is, a client accesses www.<website>.com, a window opens pops up and prompts for authentication credentials, those credentials get passed to the Radius server, the Radius server accepts and sends back to the PIX and the client gets through.

Now, I have most of this working, I have a PIX 515e and a Windows 2003 EE server running IAS.  When I access the website, it gives me the box prompting for a password, and the PIX is communicating with the Windows server with the RADIUS protocol (I verified this with Ethereal).  The problem is, authentication fails every time (using Ethereal I see that the Windows server passes an Access-Reject RADIUS packet back).  The Radius server is not on a domain and I have created simple local user accounts on the Windows server to use for authentication, however I can't get it working.

Is there some special secret to getting the RADIUS server to authenticate or what?
0
Comment
Question by:TheTull
  • 2
  • 2
4 Comments
 
LVL 7

Author Comment

by:TheTull
ID: 16923144
Update:

The IAS Log file is indicating an "IAS_INVALID_AUTH_TYPE" Error.
0
 
LVL 13

Accepted Solution

by:
prashsax earned 500 total points
ID: 16923147
This article tell how to configure windows 2003 IAS to work with PIX.

Its for Cisco VPN clients, but it is same for any RADIUS authentication.


http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00800b6099.shtml#config-2003
0
 
LVL 7

Author Comment

by:TheTull
ID: 16923206
Excellent, it's working now

Looks like I had to enable Unencrypted (PAP, SPAP) to get it to work.  
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16923232
Good to know its working.

ThankQ.
0

Featured Post

Watch Anatomy of a Wi-Fi Hack On-Demand

In less than a weekend, anyone with Internet access and some free time can become a Wi-Fi MitM to wreak havoc on your network. View our Wi-Fi Expert in an on-demand episode of our Secure Wi-Fi mini-series as he explores the motives, execution, and anatomy of a Wi-Fi hack.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question