Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
981
Views
0
Helpful
0
Comments

Remote authentication does not work

TCC_2
Level 10
Level 10

‎06-22-2009 04:36 PM - edited ‎02-21-2020 09:55 PM

Core issue

The RADIUS server supports Microsoft Point-to-Point Encryption (MPPE) but needs to be configured for MPPE keying.

Resolution

To resolve this issue, perform these steps:

  1. Configure your RADIUS server for MPPE keying by verifying these:
    • Microsoft vendor-specific attribute 26 for encryption allowed or encryption required is On.
    • Either 40-bit or 128-bit encryption is enabled.

  2. MS-CHAP-MPPE-Keys are generated. (Setup may vary slightly by vendor.)
  3. Turn on encryption in the PIX, as shown:

    • For PIXes with 40- and 128-bit encryption, use the vpdn group group_name ppp encryption mppe command.
    • For non-3DES PIXes, use the vpdn group {name} ppp encryption mppe 40 command.
  4. Add the debug ppp io and debug ppp error commands.
  5. Change PC settings to one of these (depending on operating system):

    • Require data encryption
    • Optional encryption (connect even if no encryption)
    • Require encryption (disconnect if server declines) [40 bit]
    • Maximum strength encryption (disconnect if server declines) [128 bit, unless the PIX version does not support 128-bit encryption)
  6. Try connecting again.
Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents