Solved

RADIUS Issue

Posted on 2006-06-16
4
1,825 Views
Last Modified: 2013-11-16
I am trying to get RADIUS working when clients access a certain website, the setup is as follows:


[client]--------->[PIX 515e]----------->[webserver]
                              |
                              |
                              |
                     [Radius Server]


The way it should work is, a client accesses www.<website>.com, a window opens pops up and prompts for authentication credentials, those credentials get passed to the Radius server, the Radius server accepts and sends back to the PIX and the client gets through.

Now, I have most of this working, I have a PIX 515e and a Windows 2003 EE server running IAS.  When I access the website, it gives me the box prompting for a password, and the PIX is communicating with the Windows server with the RADIUS protocol (I verified this with Ethereal).  The problem is, authentication fails every time (using Ethereal I see that the Windows server passes an Access-Reject RADIUS packet back).  The Radius server is not on a domain and I have created simple local user accounts on the Windows server to use for authentication, however I can't get it working.

Is there some special secret to getting the RADIUS server to authenticate or what?
0
Comment
Question by:TheTull
  • 2
  • 2
4 Comments
 
LVL 7

Author Comment

by:TheTull
ID: 16923144
Update:

The IAS Log file is indicating an "IAS_INVALID_AUTH_TYPE" Error.
0
 
LVL 13

Accepted Solution

by:
prashsax earned 500 total points
ID: 16923147
This article tell how to configure windows 2003 IAS to work with PIX.

Its for Cisco VPN clients, but it is same for any RADIUS authentication.


http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00800b6099.shtml#config-2003
0
 
LVL 7

Author Comment

by:TheTull
ID: 16923206
Excellent, it's working now

Looks like I had to enable Unencrypted (PAP, SPAP) to get it to work.  
0
 
LVL 13

Expert Comment

by:prashsax
ID: 16923232
Good to know its working.

ThankQ.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Suggested Solutions

Some time ago I was asked to set up a web portal PC to put at our entrance. When customers arrive, they could see a webpage 'promoting' our company. So I tried to set up a windows 7 PC as a kiosk PC.......... I will spare you all the annoyances I…
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now