cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

783
Views
0
Helpful
4
Replies
Jack G
Beginner

Remote Access VPN, user identity "Not Found" Using User Agent and unable to use ACP to control RAVPN traffic per user

When a user connects to the remote access VPN. The username in the connection logs shows as "Not Found" and I can't use ACP to control traffic. It use to work back in an earlier version from FMC 6.2, but since stopped working even with the latest releases. Not sure what I'm missing, but identity seems to work fine for internal connections out to the internet.

 

I did just find one environment where it is working, but when I connect from my computer, it shows "Not Found". Does the machine have to be joined to the domain or something??

 

Any thoughts?

1 ACCEPTED SOLUTION

Accepted Solutions

Figured it out, in the RADIUS Server Group Options, I had to select the Realm. Funny because Duo support said this setting could be ignored

View solution in original post

4 REPLIES 4
Rob Ingram
VIP Mentor

@Jack G 

When you say recent releases, what version are you referring to? The User Agent has been depreciated from version 6.7, recommendation is to use ISE/ISE-PIC instead.

So, I'm also using Duo. If I switch primary authentication to AD, then use Duo as secondary, it does work. I see the username in the connection logs. The only problem now is that the user must enter the password twice. Opened a case with Duo for review as well. Would be nice if I can just use Duo for primary authentication and have the username show up in the connection logs. This way the user will only have to enter the password once.

Figured it out, in the RADIUS Server Group Options, I had to select the Realm. Funny because Duo support said this setting could be ignored

View solution in original post

Jack G
Beginner

I'm not using anything higher than 6.6. Mix of 6.5 and 6.6. I'm just not understanding how identity works for VPN users. I have a TAC case open for further review. This one environment the username show, but I connect from my machine and it shows "Not Found". I'm not part of the domain, but authenticated with a domain account.