M200 with Duo Security 2FA
M200 with 12.5.2, NPS Win Server 2016.
Trying to seet up 2FA with Duo Security, following instructions at https://www.watchguard.com/help/docs/help-center/en-US/Content/Integration-Guides/General/duo-security-authentication.html
All almost to be working: NPS RADIUS event viewer server shows access granted, Duo mobile push is showing up on mobile. As soon as I tap allow on Duo, I get disconnected.
Here's what it looks like:
admd Authentication of L2TPVPN user [[email protected]] from myIP was accepted msg_id="1100-0004"
l2tp [:00834,sess_change_event_handler]: (l2tp) l2tp-sess: failed to find node with virtual IP:0.0.0.0
If I remove the Duo Auth Proxy, it works:
sessiond L2TP VPN user [email protected] from myIP logged in assigned virtual IP is 10.0.4.2 msg_id="3E00-0002"
filter-id is L2TP-Users, account is not in a nested group, duo auth proxy is set to pass all radius parameter.
It seems that when using Duo, it can't assign virtual IP then it disconnects.
Is the M200 compatible with Duo 2FA?