Ars Technica

Cisco ASA VPN with RADIUS auth, locking usernames to a specific vpn group-policy

So I found this page, which indicates that the policy attribute 'group-lock' is used to limit a vpn group-policy so that valid users can only login to groups to which the radius server says they ...
Ars Technica

Cisco Aironet 1100 intermittantly failing RADIUS auth (with IAS)

I have several Aironet 1100s and more than one is exhibiting this problem, making me think this is a network or firewall issue (there's an OpenBSD firewall between the WAPs and the RADIUS/IAS server).