IPSEC/L2TP with Radius and CVE-2024-3596

Question

Hello, 
 with the patch from Microsoft KB5040434 07/2024 there are problems with Radius authentication for L2TP. 
 Without the patch, the client connection works without any problems. 
 What can we do? 
 Best Regards 
 Dieter

Dieter · Accepted Answer

Hello, 
 our problem with Radius authentication with L2TP has been solved by Sophos. Many thanks for the great support. Please create a ticket with Sophos and include NC-139018. 
 
 Thanks & Regards

Vivek Jagad · Answer

Hi Dieter , Thank you for reaching out to the community, looks like this is already being investigated - NC-139018 , could you please log a service request ?

Raphael Alganes · Answer

Hello Team, 
 You may refer to this KBA with regards to this concern: https://support.sophos.com/support/s/article/KBA-000009901?language=en_US 
 Thank you

Mayur Makvana · Answer

Hello, 
 Thank you for sharing the case ID. I have added note and suggested team to provide steps to fix it.

Gabor Kovacs · Answer

The Sophos Support applied a workaround on our device. We can connect to the VPN, authetentication works fine. They said they fix this issue in 20 MR3 (2024 Q4). If enybody have same problem, create a support case! 
 Thank you for Support Team help!

Vivek Jagad · Answer

Hi Jaspert - NC-139018 , is currently escalated to development...

IPSEC/L2TP with Radius and CVE-2024-3596

Top Replies