General Discussion Radius Authentication

UTM Firewall requires membership for participation - click to join

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Radius Authentication

Shannon Harvey over 4 years ago

Hi All,

I am having an issue with radius authentication, I have setup NPS and my SG115 UTM as outlined in the following articles https://rieskaniemi.com/azuremfa-nps-extension-with-sophos-utm-firewall/ and https://community.sophos.com/sophos-xg-firewall/f/recommended-reads/122575/sophos-xg-using-azure-mfa-for-ssl-vpn-and-user-portal however when I attempt to test the server portion is successful the user portion is not. The error code I'm getting on the NPS server is number 66 which suggests that the wrong authentication mechanism is being used, but as I understand it only PAP can be used for this application. Has anyone seen this issue before and if so can you provide some guidance as to what I'm doing wrong and what I can do to resolve this?

Thank you

Shannon

This thread was automatically locked due to age.

Top Replies

Shannon Harvey over 4 years ago in reply to BAlfson +1

yes. this is for MFA with Azure. I managed to get the issue that I posted about resolved by changing the order of the policy. I'm not however able to adequately test as I'm not being prompted for 2FA

0 dirkkotte over 4 years ago

can you post the full eventlog entry? ... possible via PM if confidential.

Dirk

Systema Gesellschaft für angewandte Datentechnik mbH // Sophos Platinum Partner
Sophos Solution Partner since 2003
If a post solves your question, click the 'Verify Answer' link at this post.
0 BAlfson over 4 years ago

Hi Shannon and welcome to the UTM Community!

These are old links from my notes: Start with How to configure RADIUS Authentication with Windows Server and then continue with How to use RADIUS Authentication: Astaro Security Gateway/Sophos UTM.

The second article to which you linked is for XG, not the UTM and the first article is about doing MFA with Azure. Is your NPS in Azure?

In addition to the log lines that Dirk has requested, please insert a pic of the Edit of the RADIUS 'Authentication Server' on the 'Server' tab of 'Authentication Services'.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
- 0 Shannon Harvey over 4 years ago in reply to BAlfson
  
  yes. this is for MFA with Azure. I managed to get the issue that I posted about resolved by changing the order of the policy. I'm not however able to adequately test as I'm not being prompted for 2FA