Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 3814 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN + Radius

MastaPuffy
Hello,

I have a Small Business Server 2003 with IAS running on it.
I am able to authenticate without probelms with the server (Http Proxy, webadmin authentication). But for some reason i am not able to authenticate using SSL VPN. I also added the the RADIUS USERS Group.

The Server 2003 say that the Users has been granted access. But i receive a authetication failure in the VPN Client.

Astaro Live Log: User authentication daemon

2007:09:19-20:19:56 (none) aua[24312]: id="3004" severity="info" sys="System" sub="auth" name="Authentication successful" srcip="0.0.0.0" user="" caller="openvpn" engine="radius" 


Astaro VPN Log

2007:09:19-20:19:56 (none) openvpn[4061]: 192.168.3.201:1071 [] Peer Connection Initiated with 192.168.3.201:1071 
2007:09:19-20:19:57 (none) openvpn[4061]: 192.168.3.201:1071 TCPv4_SERVER READ [104] from 192.168.3.201:1071: P_CONTROL_V1 kid=0 [ ] pid=26 DATA len=90 
2007:09:19-20:19:57 (none) openvpn[4061]: 192.168.3.201:1071 PUSH: Received control message: 'PUSH_REQUEST' 
2007:09:19-20:19:57 (none) openvpn[4061]: 192.168.3.201:1071 SENT CONTROL []: 'AUTH_FAILED' (status=1) 
2007:09:19-20:19:57 (none) openvpn[4061]: 192.168.3.201:1071 Delayed exit in 5 seconds 
2007:09:19-20:19:57 (none) openvpn[4061]: 192.168.3.201:1071 TCPv4_SERVER WRITE [22] to 192.168.3.201:1071: P_ACK_V1 kid=0 [ 26 ] 
2007:09:19-20:19:57 (none) openvpn[4061]: 192.168.3.201:1071 TCPv4_SERVER WRITE [104] to 192.168.3.201:1071: P_CONTROL_V1 kid=0 [ ] pid=29 DATA len=90 
2007:09:19-20:19:58 (none) openvpn[4061]: 192.168.3.201:1071 Connection reset, restarting [0] 
2007:09:19-20:19:58 (none) openvpn[4061]: 192.168.3.201:1071 SIGUSR1[soft,connection-reset] received, client-instance restarting 
2007:09:19-20:19:58 (none) openvpn[4061]: TCP/UDP: Closing socket 


Windows 2003 Server

Benutzer "" wurde Zugriff gewährt.
 Vollqualifizierter Benutzername = NATHAN.local/Users/
 NAS-IP-Adresse =  
 NAS-Kennung = ssl
 Clientanzeigename = firewall
 Client-IP-Adresse = 192.168.3.99
 Kennung der Anruferstation =  
 NAS-Porttyp =  
 NAS-Port =  
 Proxyrichtlinienname = Windows-Authentifizierung für alle Benutzer verwenden
 Authentifizierungsanbieter = Windows 
 Authentifizierungsserver =  
 Richtlinienname = Radius User VPN
 Authentifizierungstyp = PAP
 EAP-Typ = 


This thread was automatically locked due to age.
Parents
  • 0
    Try adding the individual users in the allowed users box for the PPTP config... I've had problems using user groups in the SSL and IPSEC configs before, not sure if it's fixed in the latest updates.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to BrucekConvergent
    I do so with AD authentication and it seems that the group definition doesn ´t work even with V7.009.

    Try as BrucekConvergent already says putting the users in there instead.

    Regards,

    Alex
Reply Children
Cookie Information Banner