Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
749
Views
0
Helpful
2
Replies

ACS 4.2 VPN auth with Iphone

rvopel
Level 1
Level 1

‎09-14-2009 07:08 AM - edited ‎03-10-2019 04:41 PM

Authentication failes with message:

ACS MSCHAP password is invalid.

Group auth works perfect.

This problem only occurs when the local ACS User has an \ in the username

Domain\user123

The auth works perfect with the same password and the Username user123 without Domain.

The problem occurs with ACS internal Database and with Windows Database configured for the Users123's Password Authentication

Can anybody help with this?

Thanks

Labels:
0 Helpful
2 Replies 2

mchin345
Level 6
Level 6

‎09-18-2009 09:51 AM

The error message you see implies that the user's entry is set to authenticate to the ACS itself and the MS-CHAP password defined within ACS is not defined correctly.

Check under the user setup what the "password authentication" dropdown is set to. Is it set to "ACS Internal database"? This is likely why you are seeing this error - it should instead list "Windows Database".

make sure ACS presently supports MS-CHAP version 1. ACS versions 3.0 and later support MS-CHAP versions 1 and 2.

0 Helpful

rvopel
Level 1
Level 1
In response to mchin345

‎09-23-2009 06:01 AM

Hello mchin345,

thank for your answer.

1) The password authentication is set to "Windows Database"

2) The ACS is set to MS-CHAP Version 1 and 2.

The authentication works with a User Example1:

PaulMeyer but not the the same User settings with the User named

Example2:

Domain\PaulMeyer

With a user who has a \ in the username it doesn't work!

This is strange but several times verified.

Other ideas?

0 Helpful
Customers Also Viewed These Support Documents