snowdog_2112
asked on
server 2008r2 NPS raidus from cisco
Anyone know the settings to allow L2TP clients on a cisco authenticate to AD by way of RADIUS?
I've set the NAS-Port type to VPN, and everything else except wireless, and the policy is bypassed. The security log is showing the policy applied is the default "connections to other access servers" (which is st to deny, but for some reason still authenticates users...weird).
I have another network policy for WiFi AP's using RADIUS as well, and connections are denied if I have the WiFi policy enabled - even if my L2TP VPN policy is 1st in the processing order. The wifi clients do authenticate successfully when the wifi policy is enabled.
If I disable the wifi policy, it falls through to the bottom-most default as mentioned.
Any thoughts?
I've set the NAS-Port type to VPN, and everything else except wireless, and the policy is bypassed. The security log is showing the policy applied is the default "connections to other access servers" (which is st to deny, but for some reason still authenticates users...weird).
I have another network policy for WiFi AP's using RADIUS as well, and connections are denied if I have the WiFi policy enabled - even if my L2TP VPN policy is 1st in the processing order. The wifi clients do authenticate successfully when the wifi policy is enabled.
If I disable the wifi policy, it falls through to the bottom-most default as mentioned.
Any thoughts?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks.