Cisco VPN :: ASA5520 - Getting AnyConnect To Work With New 2008 Radius Server
Sep 14, 2011
We are in the process of upgrading our win2003 radius server with a new win2008 radius server. We have an ASA5520 and FWSM in 6509, using anyconnect client. This has worked fine until we introduced the win2008 radius server. When in the asdm on the asa, you can click on the new server and click test and authenticate ok with your AD credentials. But when try to use anyconnect on your laptop, it takes the credentials password and the accept certificate, but then fails with "anyconnect was not able to connect to specified gateway.." message, then "the secure gateway has rejected the connection attempt due to network connectivity issue...host or network is 0" message. We thought we setup the new radius the same way, obviously not. is therw an easy way to use debug on the firewalls to see what is wrong? looked in event logs on radius server, have not found anything.
View 2 Replies
ADVERTISEMENT
Sep 25, 2012
how to set up 2008 (NPS and NASs) RADIUS Server for 802.1X Wireless clients.
View 1 Replies
View Related
Jan 24, 2011
I am trying to connect an AP541N to a radius server for Domain authentication but cannot figure out how to Configure the widows 2008 Radius server to authenticate users but cannot seem to get the AP541N to do this, how to configure both the 2008 radius server and also the AP541N?
View 2 Replies
View Related
Apr 26, 2011
Just want to check out, does the non-Microsoft based OS client OS (Example: MacOS, Ubuntu, Android) support anyconnect v3.0 And also if my RADIUS server is host using window server 2008 Network Policy Server (NPS) component, can this doing the 802.1X authenticating?
View 1 Replies
View Related
Jun 26, 2010
I am using ASA5520 with webvpn for file sharing. But recently we just upgraded the OS that accommodate file shared folder from win2003 R2 32bit to windows server 2008 R2 64bit. Now I have a problem with accessing file share by ASA webvpn, it appears error contacting host, we have tested the file shared of webvpn on the other OS windows 2003 and windows 2008, they are working on these OS except win2008 R2. Current the ASA OS version is 8.0(2). And the windows firewall has been disabed.
View 3 Replies
View Related
Mar 26, 2012
I have some aironet 1200 AP's. I want to use this with a windows 2008 radius server. I followed the guide on [URL]. Unfortunately I can not get this working. In the securtiy log of the event viewer there is always the message "authenication was not succesful because an unknown username or incorrect password".
- Is it possible to get this working?
- If yes, is there a manual how to configure the AP's and the radius server, or are there any hints?
- Is this the best way to setup a wireless network or is there a better way?
I saw there is also a local radius server inside the 1200. Can all the 1200's work together? I suppose that if I use the built-in radius server than I can't make a connection to my AD database, correct?
View 3 Replies
View Related
May 15, 2012
I have a Cisco ASA5520 with Software Version 8.2(5) in place, most my users are Mac Users and I am currently looking into Cisco AnyConnect in comparison to using VPN client.
I have a couple of questions
1) Does Cisco AnyConnect make use of IPsec or is it soley SSL VPN based?
2) From the license information I have below in my ASA I understand that I can have max 750 vpn peers however am I right in saying that this does not apply to Cisco AnyConnect peers? and that with Cisco AnyConnect I can only have 2 peers? Also what are the disabled anyconnect options for?
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 150
[Code]....
3) When trying to set up Cisco Anyconnect on the ASA using ASDM, I noticed I needed to upload AnyConnect client images however when I did this by uploading the .dmg file for mac machines I got the error message "not a valid SVC image". Is this because I am running 8.2?
View 4 Replies
View Related
Aug 19, 2012
we currently have a remote access asa setup using Anyconnect with self signed certificate, and several users in the certificate database as we are using radius and certificate for authentication.
I want to purchase and obtain a trusted CA signed certificate (such as Verisign) and replace the current self signed cert.
My question is will I have to reset the current CA server of the ASA and replace the certificate user database? ie start from scratch.
View 2 Replies
View Related
May 19, 2013
My users are using AnyConnect to make a remote access VPN connections to the corporate office thru an ASA5520. At this time, VPN users have very limited privileges because we allow users to connect using their home computers and RSA tokens.
I need to find a way to determine whether an AnyConnect client is connecting from a company-owned/maintained/patched laptop or some other device. I would like to give full network access to the company laptops while continuing to restrict access to the home machines. So far, the only idea I have is to use DHCP and associate the MAC addresses of the company laptops with addresses is a privielged subnet range.
View 2 Replies
View Related
Feb 22, 2013
Need deployed accounting method to log Anyconnect session details ? Do you do it via a radius server or via logging messages to a syslog server ?
Any appropriate configuration ? I am looking to log successful and unsuccessful authentications as well as session length, log on and log off times.
I've been playing around with Anyconnect authenticating to AD via ACS 5.1 but can't seem to get the accounting details I require. Similarly I have tried to catch appropriate syslog messages but again without much success.
View 4 Replies
View Related
May 13, 2013
We have a Cisco ASA5510 configured to work with Microsoft Radius Server. VPN authorization and authentication is working well with L2TP over IPSec, and users are authenticating with MSChapV2 like we want them to.
Now we are trying to setup Anyconnnect to do the same. How do we tell AnyConnect to use MSChap-V2 versus PAP? using ADSM? I think I know how to do the Microsoft Part of it, but I don't know where to go in ADSM to configure this.
View 2 Replies
View Related
Nov 25, 2012
Is it possible to send profile name as an Radius atribute during client authentication? I would like to match users depends on profile name to sperate Identity Stores in my ACS. ASA 5540 8.4, anyconnect 3.1.01065, ACS 5.1
View 3 Replies
View Related
Mar 6, 2013
Our customer has purchased 2 x L-ASA-AC-E-5520= Anyconnect Essentials VPN Licenses (750 Users)Ive installed both activated licenses as per the cisco guides, I didnt get any errors on the install. I did a reload on both, they are both back up and running as active/standby but when I do a sh ver the license still shows "ASA 5520 VPN Plus License"Am I being dumb and has this worked successfully or should it not now display Anyconnect when I do a sh ver?
View 8 Replies
View Related
Nov 6, 2012
I have been successfully able to setup Cisco AnyConnect VPN on ASA 5520 with 8.4 code. I have set it to authenticate against the RADIUS Server (Microsoft Windows 2008 NPS server). I have noticed one thing, on the server under "Constraints and Authentication Method". I picked MS-CHAP-v2, but it is considered Less secure authentication methods. I can click on Add and choose other Authentication methods like Smart Card or other Certificate, PEAP, EAP-MSCHAP v2. I picked PEAP but then the VPN does not work.
So first of all does it really matter if I just leave it to MS-CHAP-v2? Because from my understanding is that AnyConnect will authenticate to ASA and then ASA in the backend talks to the RADIUS server so from a security stand point this scenario shouldn't it be sufficient as no un encrypted or less secure information is available to the outside world? Secondly is there any documentation on using PEAP with Cisco AnyConnect?
View 4 Replies
View Related
Jan 13, 2012
My computer has today 3x2 TB WD Green disks and thay are really slowing my system down so now I need to move them to somekind of NAS.I was first lookin at the "Synology Disk Station DS411j" but then I found that I got some old hardware laying around (AMD 3200+ CPU, 1 GB ram,XFX GeForce 7600GT, Seasonic SS-300FT in a Thermaltake Xaser II chassi). So now I got some questions :
1. I was looking into running FreeNas on my NAS but if the NAS is crashing then it will be alot of work to get the data back? Is it right that its not possible to just mount a drive from the FreeNas in to my Windows7 computer and read the data?
2. If I install Windows 2008(not r2 that demands 64bits CPU) and then uses dynamic volums to get one big volume, what will happen if this Windows2008 craches? will it be able to place one of the disks in my windows7 computer and reda the data?
3. What happens if one disk i a dynamicvolume craches? will all data be lost?
4. Is there any sleepmode in Windows2008? If would be nice if the computer shutsdown at night and startsup when it is about to be used.
5. Will a finished product like the "Synology Disk Station DS411j" demand less power? Will I earn anything to buy the DS411j instead of my old hardware if we look on the economics?
View 2 Replies
View Related
May 6, 2012
[code]...
I am able to obtain IP addresses through the DHCP server for my clients and I am able to browse internet on the server 2k8.Server 2008 - Share Internet through DHCP server
View 10 Replies
View Related
Feb 11, 2011
I have install the administration toolpack on Windows 7 and enabled remote connections on my server 2008 box, When i try and connect with my Windows 7 server manager it does not work.I see stuff on google about enabling a trustedhost with winrm but can't find a way to do this.
View 18 Replies
View Related
Dec 14, 2010
I've been reading that the Windows Server Backup that is included with Server 08 R2 is pretty good. Is spending $400 on a third party utility worth it?
I'm asking because we're purchasing a new server soon and I want to know if the included backup is going to be good enough. Will be backing up server state as well as data to tape and possibly an off site server (server 2003) if I get my way.
View 19 Replies
View Related
Mar 7, 2012
Does the ASA5520 work with the newest version of h.323?
View 1 Replies
View Related
Jul 5, 2011
I'm having trouble getting this to work, after my upgrade to Mac OS X Lion the Anyconnect client can no longer login. Reinstalling didn't work for me.
View 24 Replies
View Related
Feb 8, 2009
Does WCS 5.0 run on Windows 2008 Server. Does it run on a 32 or 64-bit OS? The WCS datasheet does specify that it can be easily installed on VMware Systems. Does it mean it can be virtualized.
View 6 Replies
View Related
Mar 7, 2013
I am running a small network of 30 pc. I have installed windows server 2003. Now i want to upgrade it to server 2008 but before that i want to test windows server 2008. That is why i,m looking online for a copy of windows server 2008 with reg key. Is there any good and trusted place to get windows server 2008.
View 1 Replies
View Related
Feb 26, 2013
So as far as I can tell our server is not running any AV whatsoever, so I'm buying Kaspersky Small Business with the 10 PC package:Kaspersky Small Office Security | Virus Protection | Kaspersky Lab to install on it and our other PCs, and I was wondering if there's anything I need to know about installing AV on a server.
View 19 Replies
View Related
Aug 13, 2012
I have a dedicated windows server 2008 r2 enterprise.I am running an SSTP VPN but only have 2 IP address to connect to the internet on.My issue is that one of the IPs is for the IIS7 etc and the other is for VPN use.How can I apply the same IP to more than one user allowing them to connect all at one.There are in total about 5 users who want to use the VPN service and I dont really want to pay.How do I apply the same IP to all accounts and allow them to connect and all use the same IP at once.
View 5 Replies
View Related
Jul 22, 2012
Still trying to get this XP pro SP3 to connect to or log into the server, a Windows 2008 jobber. I get the pop up that says unable to access the server, may be a permissions issue. I am administrator on both though and it should not be an issue plus I can ping each machine from the other. The XP machine does not show up in the network on the server though. The server shows up on the XP but then will not allow me to log into it. I changed all user names and pass codes on all the machines to be the same and it cleared up a number of issues except this one. The network name on the server is Network 2 and on another machine the network is named Network 3. Don't know what this means. This XP machine used to connect to the server without issues. My server guy moved away and well, I am just not that savy on 2008 Server. All the other machines are Windows 7. Oh yes, this is a work group with DHCP from a VPN and a Comcast (bless their souls) gateway.
View 2 Replies
View Related
Oct 25, 2011
How to successfully get a Dell Wireless 1397 to work with Windows 2008 x64? I have a Precision M4500 that I managed to install Windows 2008 x64 R2 on. I installed the Windows 7 drivers for the card and the Device Manager says the device is working properly. But when I go to enable the device, it acts like it is enabling it, but the properties always say "disabled".
View 1 Replies
View Related
Jul 5, 2012
I planned for my customer to replace his old LMS 4.0.1 server under Windows 2003 by a new server under Windows 2008 R2.Customer wants also to set a new LMS name and IP address for the new server under Windows 2008 R2 and keep both servers on the network.I'm wondering what could be the best procedure to do that migration.Can I used backup / restore procedure in that case ?If yes, what file must I modify to adapt the new LMS configuration to new hostname and IP Address ?
View 2 Replies
View Related
Sep 27, 2012
Does VPN concentrator "VPN3005" work with AnyConnect SSL VPN client?
View 3 Replies
View Related
Feb 7, 2012
As always, I am trying to install LMS 4.1 on windows server 2008 R2 and after the installation and login to the LMS I find the following:DCRServer is down or may not be completely up. Check if the DCRServer process is running.And after some troubleshooting I found that the LMS is not creating the CMF database and the other databases.
1. I have downloaded the installation file from Cisco website twice, so I do not think it is the file that is corrupted, also it is only evaluation license.
2. I have met all the prerequisites and requirement as in the documentation guides, but maybe there is something still wrong.
View 17 Replies
View Related
Nov 8, 2011
I have a cisco ACS 4.0 build 27 on windows 2003 server . My site was working fine when i was having a AD on 2003 server . Recently i have migrated my AD servers is 2008 .
After the migration the ACS is not authenticating the users . Now i have made a server with 2003 and made the site working . I need a solution to make it work using 2008 server is there any compatiblity issue between ACS 4.0 and 2008 server .
View 1 Replies
View Related
Jun 23, 2011
We have bought lms 3.2 and window server 2008 r2 standard. Now we know, it cant be used together Could we upgrade to lms 4.0.1 ? If so, how can we do ?
View 2 Replies
View Related
Aug 24, 2011
net send command not available on server 2008
View 1 Replies
View Related
May 26, 2011
I have rolled out Terminal Services on Server 2008 R2 for a company I used to work for, it worked perfect the users could go home and browse to our web domain and login and use apps straight from the server.there'd be no Microsoft stuff to be accessed just pure Linux Servers but probarbly if users access the online terminal services on Linux they'd be using a Windows PC
View 1 Replies
View Related
