Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
625
Views
0
Helpful
1
Replies

IPSec Client Access VPN

sprocket10
Level 2
Level 2

‎09-28-2020 04:24 AM

I am creating a IPSec IKEv1 client access VPN on a ASA 5516x to allow clients to VPN in using the native Windows 10 vpn.

I have created the profile which works perfectly with local user authentication, but if I switch it across to the Radius profile I am getting the error "The remote connection was denied because the user name and password combination you provided is not recognized, or the selected authentication protocol is not permitted on the remote access server".

 

The radius server is showing no errors or logs, and the radius profile is working with clients using the Anyconnect software.

The Windows 10 profile is set to use MS-Chap v2 on the security tab.

 

What is preventing the radius server from working on the IPSec connection.

Labels:
0 Helpful
1 Reply 1

sprocket10
Level 2
Level 2

‎09-28-2020 05:38 AM

Update

After enabling password management I am getting errors on the NPS server logs.

If I do a test authentication in the Radius on the ASA I get a successful authentication, but when trying on the VPN I get a logged error on the NPS for Unknown user name or bad password.

 

Why is the VPN failing to authenticate with exactly the same credentials?

0 Helpful
Customers Also Viewed These Support Documents