A user fails to connect to the vpn, A user fails to connect to the – Nortel Networks NN46120-104 User Manual
Page 163
aaa
163
A User Fails to Connect to the VPN
There can be different reasons for why a user is having difficulty
authenticating to the VPN or why a client connection cannot be
established: the user name or password is wrong, the configured
authentication server cannot be reached, the group name retrieved from
the authentication server does not exist on the VPN Gateway and so on.
To trace the different steps involved in a specific process, for example,
authorization, enter the following command.
>> Main# maint/starttrace
Enter tags (list of all,aaa,dns,ike,ipsec,ippool,ssl,tg,pptp,
upref, ftp,smb,netdirect,netdirect_packet) [all]: aaa,ssl
Enter VPN (or 0 for all VPNs) [0]:
Output mode (interactive/tftp/ftp/sftp) [interactive]:
Enter the desired tag(s) separated by comma, for example,
aaa,ssl
to trace the user authorization and SSL handshake processes, or press
ENTER to trace all processes. To limit tracing to a specific VPN, enter the
desired VPN ID, or press ENTER to view trace information for all domains.
Select the desired output mode.
•
interactive
. The result is displayed directly in the CLI.
•
tftp/ftp/sftp
. The result is exported as a file to the specified
TFTP/FTP/SFTP server.
When starttrace is on, different steps in the selected process (tag) is
logged. For sample outputs, see
To disable tracing, press ENTER to display the prompt, then enter
stoptrace
.
>> Maintenance# stoptrace
aaa
The
aaa
tag logs authentication method, user name, timeouts, group and
profile (base or extended).
Nortel VPN Gateway
User Guide
NN46120-104
02.01
Standard
14 April 2008
Copyright © 2007-2008 Nortel Networks
.