"User Not Found" in AuthPoint Logs

Hello everyone,

I just deployed AuthPoint last night and overall it went pretty smoothly. I am setup with AD sync, RADIUS and software tokens. This morning most user issues have been user error. However, I have one issue that has me stumped. I have a case open with support but they seem to be swamped with calls thanks to COVID19 so I wanted to ask here hoping for a faster solution.

I have a user who exists in my on-prem AD environment, he synced into AuthPoint and his account shows active. He was able to setup the token and his account shows an active token. However, the gateway logs show "user not found" every time he tries to authenticate despite his active AD and AuthPoint user accounts. my NPS server shows no incoming queries for his userID, but shows requests for all other users. It's as if the gateway isn't forwarding his authentication requests to my NPS. Everyone else connects just fine and shows in the NPS logs. Any advice where to start?

Thanks a ton!

2020-03-27 08:12:22 INFO [pool-2-thread-10] c.w.a.r.r.r.u.RadiusProcessRequestThread - Request received from

2020-03-27 08:12:22 INFO [pool-2-thread-10] c.w.a.r.r.r.u.RadiusProcessRequestThread - Getting user policy - Username: user@domain.com

2020-03-27 08:12:23 INFO [pool-2-thread-10] c.w.a.r.r.r.u.RadiusProcessRequestThread - User policy received - Username: user@domain.com - Request-Id:0b1474ea-0ab8-4217-b618-6dae36c0aa48

2020-03-27 08:12:23 ERROR [pool-2-thread-10] c.w.a.r.r.r.m.s.UserPolicyService - 051004022 - User not found. - Request-Id:0b1474ea-0ab8-4217-b618-6dae36c0aa48

2020-03-27 08:12:23 ERROR [pool-2-thread-10] c.w.a.r.r.r.u.RadiusProcessRequestThread - Authentication denied due error related with the MSChap v2. - Request-Id:0b1474ea-0ab8-4217-b618-6dae36c0aa48


  • Options

    I'm having a similar issue. One user at this point out of 70. I've tried deleting their token and adding a new, they sync fine, token is actie. If i use the VPN client i get the push notification on my device. Th user can reeive push notifcations from Watchguard Cloud. For som ereason their user name will not login, it gives the error about using previsou config, ive said yes and no to this with no luck. Upgraded the VPN client to 12.6.3, no sign of user in any logs.

  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    Your log is complaining about MSCHAPv2. Make sure you have it enabled in your RADIUS server resource settings. If it's not enabled, IKEv2 and L2TP authentication will reject.

    In your case, it's the user logging into the firewall. Look at the logs in traffic monitor (search for "admd") and see what it says there when the user tries to log in.

    -James Carson
    WatchGuard Customer Support

  • Options

    I had the same issue today:
    Authentication denied due error related with the MSChap v2

    This was when i was testing ikev2 authentication to my secondary AuthPoint gateway and was caused by the fact, i had not created a Radius client on my NPS server where my primary AuthPoint gateway was running.

    I only noticed because the NPS was logging:
    A RADIUS message was received from the invalid RADIUS client IP address x.x.x.x


Sign In to comment.