07-16-2019 03:32 AM
I use a Watchguard Firebox M200 connecting to the DUO proxy via RADIUS(on a non-standard port 1821) which sits on an existing RADIUS server.
When non-2FA users try to connect to the VPN, it works fine, connecting the users without the 2FA Duo Push prompt.
When I try with a 2FA user, I get the Duo Push prompt, which I tick, Duo authorizes as expected, but it does not connect to the VPN. Instead, I get an error message on the iPhone saying “A connection could not be established to the PPP server…”
If I remove Duo from the equation(ie set my Firebox to use a different Windows RADIUS server), my admin user connects just fine. ie. the VPN config appears to be fine.
Am I missing something with regards to my Windows RADIUS config?
Here’s my authproxy cfg;
[radius_client]
host=192.168.10.31 <–this is the Windows RADIUS server which also has the Duoproxy installed
secret=**********
pass_through_all=true
; SERVERS: Include one or more of the following configuration sections.
; To configure more than one server configuration of the same type, append a
; number to the section name (e.g. radius_server_auto1, radius_server_auto2)
[radius_server_auto]
ikey=*********
skey=**********
■■■■
radius_ip_1=192.168.10.1 <— this is the Watchguard Firebox which is setup to connect to the Duoproxy RADIUS server on port 1821
radius_secret_1=*******
failmode=safe
client=radius_client
port=1821
failmode=safe
pass_through_all=true
07-16-2019 07:33 AM
Hey Robert, please contact Duo Support for help with your issue.
03-21-2020 08:16 PM
Robert, was there a resolution to this issue? I am having the same result.
Thanks
03-25-2021 06:52 AM
Hi Guys,
I’m running in to the same issue but on windows. Did you get any solutions?
Thanks
03-25-2021 08:20 AM
Sorry Ehan, I ended up using Watchguard Authpoint instead.
Rgds,
Rob
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide