We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Cisco ASA cannot authenticate VPN clients using Kerberos

John_R_E
John_R_E asked
on
Medium Priority
1,983 Views
Last Modified: 2013-12-04
The ASA was original pointing to a Windows 2000 server for VPN authentication. The Winows 2000 server was retired and we are now running a Windows 2003 domain. The authentication server address was changed to point a different domain controller. No other changes were made. Now the logon box re-appears after users try to connect using the Cisco VPN client.
A sample from the ASA log is below
5|Jun 29 2009|09:39:44|713904|||IP = 141.158.***.***, Received encrypted packet with no matching SA, dropping
4|Jun 29 2009|09:39:44|713903|||Group = *********, Username = *******, IP = 141.158.***.***, Error: Unable to remove PeerTblEntry
3|Jun 29 2009|09:39:44|713902|||Group = *********, Username = *********, IP = 141.158.***.***7, Removing peer from peer table failed, no match!
3|Jun 29 2009|09:39:44|713048|||Group = *********, Username = *********, IP = 141.158.***.***, Error processing payload: Payload ID: 14

Open in new window

Comment
Watch Question

Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.