07-20-2022 03:28 PM
We’ve got the following setup:
2 x Meraki MX100 in datacenter setup with RADIUS authentications to Duo Proxy
2 x Windows Server 2019 Domain Controllers with Duo Proxy 5.7.1 installed
Windows 11 laptops with L2TP VPN configuration to MX100
Occasionally some users won’t receive a push message when they try to connect to the VPN. When we try to troubleshoot and log in with a different account, it will work without changing any settings. Sometimes after we closed our session, the user is able to use the VPN again. However, most of the time we need to delete the VPN profile, and re-configure the Windows VPN client from scratch again.
Because it randomly happens to users and we can’t pin it down to hardware or configuration flaws, we are getting a little bit frustrated?
Is anyone experiencing the same issue, or has some advice on where to start looking next?
08-24-2022 12:23 PM
Depending on how often it happens, are you able to setup a packet capture on the MX to the RADIUS servers and see if that call is being made? As well does it happen at a time of high traffic on the interfaces?
08-24-2022 01:32 PM
A couple of days after this post, the issue resolved itself. I believe it has been traced back to a bug at Duo’s end, resulting in the push messages never getting sent.
Unfortunately, Duo Support wasn’t aware by the time I contacted them. They suggested deploying AnyConnect instead of using the built-in Windows VPN client.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide