When a user connects to the remote access VPN. The username in the connection logs shows as "Not Found" and I can't use ACP to control traffic. It use to work back in an earlier version from FMC 6.2, but since stopped working even with the latest releases. Not sure what I'm missing, but identity seems to work fine for internal connections out to the internet.
I did just find one environment where it is working, but when I connect from my computer, it shows "Not Found". Does the machine have to be joined to the domain or something??
Solved! Go to Solution.
When you say recent releases, what version are you referring to? The User Agent has been depreciated from version 6.7, recommendation is to use ISE/ISE-PIC instead.
So, I'm also using Duo. If I switch primary authentication to AD, then use Duo as secondary, it does work. I see the username in the connection logs. The only problem now is that the user must enter the password twice. Opened a case with Duo for review as well. Would be nice if I can just use Duo for primary authentication and have the username show up in the connection logs. This way the user will only have to enter the password once.
I'm not using anything higher than 6.6. Mix of 6.5 and 6.6. I'm just not understanding how identity works for VPN users. I have a TAC case open for further review. This one environment the username show, but I connect from my machine and it shows "Not Found". I'm not part of the domain, but authenticated with a domain account.