RADIUS Issue

I am trying to get RADIUS working when clients access a certain website, the setup is as follows:


[client]--------->[PIX 515e]----------->[webserver]
                              |
                              |
                              |
                     [Radius Server]


The way it should work is, a client accesses www.<website>.com, a window opens pops up and prompts for authentication credentials, those credentials get passed to the Radius server, the Radius server accepts and sends back to the PIX and the client gets through.

Now, I have most of this working, I have a PIX 515e and a Windows 2003 EE server running IAS.  When I access the website, it gives me the box prompting for a password, and the PIX is communicating with the Windows server with the RADIUS protocol (I verified this with Ethereal).  The problem is, authentication fails every time (using Ethereal I see that the Windows server passes an Access-Reject RADIUS packet back).  The Radius server is not on a domain and I have created simple local user accounts on the Windows server to use for authentication, however I can't get it working.

Is there some special secret to getting the RADIUS server to authenticate or what?
LVL 7
TheTullAsked:
Who is Participating?
 
prashsaxConnect With a Mentor Commented:
This article tell how to configure windows 2003 IAS to work with PIX.

Its for Cisco VPN clients, but it is same for any RADIUS authentication.


http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00800b6099.shtml#config-2003
0
 
TheTullAuthor Commented:
Update:

The IAS Log file is indicating an "IAS_INVALID_AUTH_TYPE" Error.
0
 
TheTullAuthor Commented:
Excellent, it's working now

Looks like I had to enable Unencrypted (PAP, SPAP) to get it to work.  
0
 
prashsaxCommented:
Good to know its working.

ThankQ.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.