"User Not Found" in AuthPoint Logs

Hello everyone,

I just deployed AuthPoint last night and overall it went pretty smoothly. I am setup with AD sync, RADIUS and software tokens. This morning most user issues have been user error. However, I have one issue that has me stumped. I have a case open with support but they seem to be swamped with calls thanks to COVID19 so I wanted to ask here hoping for a faster solution.

I have a user who exists in my on-prem AD environment, he synced into AuthPoint and his account shows active. He was able to setup the token and his account shows an active token. However, the gateway logs show "user not found" every time he tries to authenticate despite his active AD and AuthPoint user accounts. my NPS server shows no incoming queries for his userID, but shows requests for all other users. It's as if the gateway isn't forwarding his authentication requests to my NPS. Everyone else connects just fine and shows in the NPS logs. Any advice where to start?

Thanks a ton!

2020-03-27 08:12:22 INFO [pool-2-thread-10] c.w.a.r.r.r.u.RadiusProcessRequestThread - Request received from 172.20.0.1

2020-03-27 08:12:22 INFO [pool-2-thread-10] c.w.a.r.r.r.u.RadiusProcessRequestThread - Getting user policy - Username: [email protected]

2020-03-27 08:12:23 INFO [pool-2-thread-10] c.w.a.r.r.r.u.RadiusProcessRequestThread - User policy received - Username: [email protected] - Request-Id:0b1474ea-0ab8-4217-b618-6dae36c0aa48

2020-03-27 08:12:23 ERROR [pool-2-thread-10] c.w.a.r.r.r.m.s.UserPolicyService - 051004022 - User not found. - Request-Id:0b1474ea-0ab8-4217-b618-6dae36c0aa48

2020-03-27 08:12:23 ERROR [pool-2-thread-10] c.w.a.r.r.r.u.RadiusProcessRequestThread - Authentication denied due error related with the MSChap v2. - Request-Id:0b1474ea-0ab8-4217-b618-6dae36c0aa48

Comments

  • I'm having a similar issue. One user at this point out of 70. I've tried deleting their token and adding a new, they sync fine, token is actie. If i use the VPN client i get the push notification on my device. Th user can reeive push notifcations from Watchguard Cloud. For som ereason their user name will not login, it gives the error about using previsou config, ive said yes and no to this with no luck. Upgraded the VPN client to 12.6.3, no sign of user in any logs.

  • james.carsonjames.carson Moderator, WatchGuard Representative

    @NitroxJunkie
    Your log is complaining about MSCHAPv2. Make sure you have it enabled in your RADIUS server resource settings. If it's not enabled, IKEv2 and L2TP authentication will reject.

    @ahooper
    In your case, it's the user logging into the firewall. Look at the logs in traffic monitor (search for "admd") and see what it says there when the user tries to log in.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.