?
Solved

RADIUS issue with cisco 2821

Posted on 2011-10-18
8
Medium Priority
?
461 Views
Last Modified: 2012-05-12
have a cisco 2821 that we are using for vpn gateway to do radius authentication to a 2008 DC, was working fine until we swapped out the old switches with new cisco switches and removed the vlan routing from the 2821 and moved it to a 4900. I double checked the ip in the config and the key, and i changed the client on the 2008 server to match the new internal ip of the router, and still geting wrong user id /password.. maybe i'm missing something.  I'm attaching configs.  Thanks in advance for any help
occh-scrub.txt
Core-4900-1---20110922-scrub.txt
netdiag.pdf
0
Comment
Question by:jasonmichel
  • 5
  • 3
8 Comments
 
LVL 26

Expert Comment

by:Soulja
ID: 36987624
This is your current config in production for the router? I though you put in your changes?
0
 
LVL 26

Accepted Solution

by:
Soulja earned 2000 total points
ID: 36987631
Is your 2008 Radius server listing on the old Radius Ports you have in the Router config? I know that 1812 and 1813 are the official Radius ports now.
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 36987720
Yeah I did make the changes, let me pull running config. I believe server has both ports, I'll double check
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:jasonmichel
ID: 36987904
here is the updated
courthouse-scrub.txt
0
 
LVL 26

Expert Comment

by:Soulja
ID: 36988501
I don't see anything that sticks out other than the radius ports, did you check whether your server is listening on those ports.
0
 
LVL 26

Expert Comment

by:Soulja
ID: 36988531
Try removing the acl from the vlan interface where the radius server sits as well as the vlan where the router sits. At least if it still don't work, it will rule out the ACL as the problem.
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 36988890
Ok Both ports are listed. So just to test I configured ias on a 2003 server and changed ip to that in router and it worked, so must be npa issue. But working for now.  Thanks
0
 
LVL 26

Expert Comment

by:Soulja
ID: 36988920
Cool!!
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question