Cisco VPN Authentication Problem

[compuveg]

Our Cisco 3005 device authenticates logins with our ADS server. (ADS server = 10.120.8.9 in log entry below) One user that was given VPN access and was having no problems. Suddenly this user is unable to login.

First thing I checked was that the user wasn't locked out and they are not. I've ruled out that it is some locally cached problem by trying to login on a different machine with the same results. No other accounts have a problem logging in. Googling hasn't led me anywhere. Below is the error.

171 03/08/2006 16:50:23.120 SEV=3 AUTH/5 RPT=18 24.106.236.122 Authentication rejected: Reason = Unspecifiedhandle = 28, server = 10.120.8.9, user = dsmith, domain = <not specified>

Any ideas what would cause this?

 

[Triplejolt]

Have you tried to delete the user and make a new one? And you should also check the VPN profile of the user. Some users have a tendency to be "creative"...

A firm beleiver of "Keep it Simple" philosophy
Cheers
/T

 

[compuveg]

No, I have not deleted the user and created a new one. However, I don't think the client config is the problem, as any other user is able to authenticate. That was my first thought, so I logged in myself when it returned her to the username/password screen. I had no problem. As a workaround she does have a login solely for VPN access, but that is not a permanent fix IMHO.

It does sound like a good lead. Maybe there's some form of ADS repair that needs done on her login.

 

[NetworkGhost]

The error is saying that it is a badusername or password. Did they change their password recently?

I think this is probably a really simple issue. Have you tried changing the password?

 

[compuveg]

I set the password to something I knew, and was still unable to get in. I double-checked this by logging in elsewhere using the same username/password.

I'm tempted to completely delete the account and re-create it, joining it to the same groups. I've tried everything else.