10-14-2021 04:57 AM
Hi,
I followed the procedure that explains how to setup Duo for Fortigate’s SSL VPN as i was told that it should work for IPSec VPN connections also.
Everything works as expected but the problem is that the connection still works even before i receive the push notification on my cell. And even if i decline the connection, it still works fine…
So the radius server configuration works fine in the Fortigate, but the VPN connection gets established without me having to approve it beforehand.
What am i missing ??
Solved! Go to Solution.
11-05-2021 10:45 AM
Hi @GDumaresq, yes you are correct that that is your Duo Authentication Proxy debug log. From what you’ve shared here, it looks to me like everything is right and authentication is happening successfully, but I certainly could be wrong. You can always refer to the guide on how to interpret and troubleshoot Duo Authentication Proxy debug logs here for help reading these. I recommend contacting support for further help with this, but please be aware that we are currently experiencing higher than typical volume of support requests, so responses may be delayed.
For faster support, please contact us by phone using the numbers listed duo.com/support . While waiting, we recommend you choose the option to receive a callback to limit your time on hold even further. Our highest volume tends to be Monday through Friday, 10AM ET - 4PM ET (1400 - 2000 UTC). Please consider reaching out to us outside of these hours.
10-20-2021 02:26 AM
Hello,
What does appear in the Radius server logs? I mean, the Radius should not send any Accept-Accept message before your Duo approval.
It it does, you need to look into your Radius server configuration.
Regards,
Antony
10-20-2021 07:52 AM
Are you talking about the following file on the authentication proxy ?
C:\Program Files\Duo Security Authentication Proxy\log\authproxy.log
If so, here’s the log content from my latest test :
2021-10-20T09:56:25.887067-0400 [duoauthproxy.lib.log#info] Sending request from x.x.x.x to radius_server_auto
2021-10-20T09:56:25.887067-0400 [duoauthproxy.lib.log#info] Received new request id 22 from (‘x.x.x.x’, 13457)
2021-10-20T09:56:25.887067-0400 [duoauthproxy.lib.log#info] ((‘x.x.x.x’, 13457), username, 22): login attempt for username ‘username’
2021-10-20T09:56:25.887067-0400 [duoauthproxy.lib.log#info] Sending AD authentication request for ‘username’ to ‘x.x.x.x’
2021-10-20T09:56:25.887067-0400 [duoauthproxy.modules.ad_client._ADAuthClientFactory#info] Starting factory <duoauthproxy.modules.ad_client._ADAuthClientFactory object at 0x00000076A3753BB0>
2021-10-20T09:56:25.902689-0400 [duoauthproxy.lib.log#info] Got signature length 16
2021-10-20T09:56:25.918314-0400 [duoauthproxy.lib.log#info] Got signature length 16
2021-10-20T09:56:25.918314-0400 [duoauthproxy.lib.log#info] Got signature length 16
2021-10-20T09:56:25.933938-0400 [duoauthproxy.lib.log#info] Got signature length 16
2021-10-20T09:56:25.933938-0400 [duoauthproxy.lib.log#info] http POST to https://■■■■■■■■■■■■■■■■■■■■■■■■■■■■:443/rest/v1/preauth
2021-10-20T09:56:25.933938-0400 [duoauthproxy.lib.http._■■■■■■■■■■■■■■■■■■■■#info] Starting factory <_■■■■■■■■■■■■■■■■■■■■: b’hxxps://■■■■■■■■■■■■■■■■■■■■■■■■■■■■:443/rest/v1/preauth’>
2021-10-20T09:56:25.933938-0400 [duoauthproxy.modules.ad_client._ADAuthClientFactory#info] Stopping factory <duoauthproxy.modules.ad_client._ADAuthClientFactory object at 0x00000076A3753BB0>
2021-10-20T09:56:26.027687-0400 [duoauthproxy.lib.log#info] ((‘x.x.x.x’, 13457), username, 22): Got preauth result for: ‘auth’
2021-10-20T09:56:26.027687-0400 [duoauthproxy.lib.log#info] hxxp POST to hxxps://■■■■■■■■■■■■■■■■■■■■■■■■■■■■:443/rest/v1/auth
2021-10-20T09:56:26.027687-0400 [duoauthproxy.lib.hxxp._■■■■■■■■■■■■■■■■■■■■#info] Starting factory <_■■■■■■■■■■■■■■■■■■■■: b’hxxps://■■■■■■■■■■■■■■■■■■■■■■■■■■■■:443/rest/v1/auth’>
2021-10-20T09:56:26.027687-0400 [duoauthproxy.lib.hxxp._■■■■■■■■■■■■■■■■■■■■#info] Stopping factory <_■■■■■■■■■■■■■■■■■■■■: b’hxxps://■■■■■■■■■■■■■■■■■■■■■■■■■■■■:443/rest/v1/preauth’>
2021-10-20T09:56:39.140954-0400 [duoauthproxy.lib.log#info] ((‘x.x.x.x’, 13457), username, 22): Duo authentication returned ‘allow’: ‘Success. Logging you in…’
2021-10-20T09:56:39.140954-0400 [duoauthproxy.lib.log#info] ((‘x.x.x.x’, 13457), username, 22): Returning response code 2: AccessAccept
2021-10-20T09:56:39.140954-0400 [duoauthproxy.lib.log#info] ((‘x.x.x.x’, 13457), username, 22): Sending response
2021-10-20T09:56:39.140954-0400 [duoauthproxy.lib.hxxp._■■■■■■■■■■■■■■■■■■■■#info] Stopping factory <_■■■■■■■■■■■■■■■■■■■■: b’hxxps://■■■■■■■■■■■■■■■■■■■■■■■■■■■■:443/rest/v1/auth’>
Here are the steps I take :
11-05-2021 10:45 AM
Hi @GDumaresq, yes you are correct that that is your Duo Authentication Proxy debug log. From what you’ve shared here, it looks to me like everything is right and authentication is happening successfully, but I certainly could be wrong. You can always refer to the guide on how to interpret and troubleshoot Duo Authentication Proxy debug logs here for help reading these. I recommend contacting support for further help with this, but please be aware that we are currently experiencing higher than typical volume of support requests, so responses may be delayed.
For faster support, please contact us by phone using the numbers listed duo.com/support . While waiting, we recommend you choose the option to receive a callback to limit your time on hold even further. Our highest volume tends to be Monday through Friday, 10AM ET - 4PM ET (1400 - 2000 UTC). Please consider reaching out to us outside of these hours.
11-05-2021 11:32 AM
11-05-2021 11:32 AM
Great, I’m glad to hear you were able to get this working!
12-19-2022 02:08 AM
Hi,
You can explain how you do please i have the same problem.
thank you for the reply.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide