"User Not Found" in AuthPoint Logs
Hello everyone,
I just deployed AuthPoint last night and overall it went pretty smoothly. I am setup with AD sync, RADIUS and software tokens. This morning most user issues have been user error. However, I have one issue that has me stumped. I have a case open with support but they seem to be swamped with calls thanks to COVID19 so I wanted to ask here hoping for a faster solution.
I have a user who exists in my on-prem AD environment, he synced into AuthPoint and his account shows active. He was able to setup the token and his account shows an active token. However, the gateway logs show "user not found" every time he tries to authenticate despite his active AD and AuthPoint user accounts. my NPS server shows no incoming queries for his userID, but shows requests for all other users. It's as if the gateway isn't forwarding his authentication requests to my NPS. Everyone else connects just fine and shows in the NPS logs. Any advice where to start?
Thanks a ton!
2020-03-27 08:12:22 INFO [pool-2-thread-10] c.w.a.r.r.r.u.RadiusProcessRequestThread - Request received from 172.20.0.1
2020-03-27 08:12:22 INFO [pool-2-thread-10] c.w.a.r.r.r.u.RadiusProcessRequestThread - Getting user policy - Username: user@domain.com
2020-03-27 08:12:23 INFO [pool-2-thread-10] c.w.a.r.r.r.u.RadiusProcessRequestThread - User policy received - Username: user@domain.com - Request-Id:0b1474ea-0ab8-4217-b618-6dae36c0aa48
2020-03-27 08:12:23 ERROR [pool-2-thread-10] c.w.a.r.r.r.m.s.UserPolicyService - 051004022 - User not found. - Request-Id:0b1474ea-0ab8-4217-b618-6dae36c0aa48
2020-03-27 08:12:23 ERROR [pool-2-thread-10] c.w.a.r.r.r.u.RadiusProcessRequestThread - Authentication denied due error related with the MSChap v2. - Request-Id:0b1474ea-0ab8-4217-b618-6dae36c0aa48
Comments
I'm having a similar issue. One user at this point out of 70. I've tried deleting their token and adding a new, they sync fine, token is actie. If i use the VPN client i get the push notification on my device. Th user can reeive push notifcations from Watchguard Cloud. For som ereason their user name will not login, it gives the error about using previsou config, ive said yes and no to this with no luck. Upgraded the VPN client to 12.6.3, no sign of user in any logs.
@NitroxJunkie
Your log is complaining about MSCHAPv2. Make sure you have it enabled in your RADIUS server resource settings. If it's not enabled, IKEv2 and L2TP authentication will reject.
@ahooper
In your case, it's the user logging into the firewall. Look at the logs in traffic monitor (search for "admd") and see what it says there when the user tries to log in.
-James Carson
WatchGuard Customer Support
I had the same issue today:
Authentication denied due error related with the MSChap v2
This was when i was testing ikev2 authentication to my secondary AuthPoint gateway and was caused by the fact, i had not created a Radius client on my NPS server where my primary AuthPoint gateway was running.
I only noticed because the NPS was logging:
A RADIUS message was received from the invalid RADIUS client IP address x.x.x.x
/Robert