The VPN login works fine with AD or local IDs for its auth. It fails with Radius.
I'm not seeing any authentication attempts on the Duo Authentication log.
Telnet from the F300 times out when trying to connect to the 2012r2 VM on port 1812.
The VM has the Duo proxy started, and its firewall has explicit incoming allows for the proxy and for TCP 1812.
I just found and enabled firewall logging on the 2012r2 VM that hosts the Duo proxy.
After (XXdisabling the firewallXX) allowing all incoming, I see allowed UDP traffic from the F300 to the Duo VM from port 12349 to 1812. I changed the firewall rule to allow incoming 1812 UDP.
After that I see TCP traffic from the Duo VM to my domain controllers, from 64050 (incrementing) to 389.
I have no replies from the domain controller. Thoughts on why this part of the auth is being blocked?
The Duo box is configured with a service account. That account only has domain user membership - that should be enough to authenticate, shouldn’t it?
Edit – Added
OK - tracked it back to a domain controller. The event log shows an Unknown user name or bad password. The user name of the Duo service account is being passed correctly, but the domain is being passed as “M” instead of MyDomain.
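
A way to read the firewall log mentioned above for the RADIUS port, as an added example that is not part of the original post: RADIUS authentication uses UDP 1812, so a TCP allow rule or a telnet test does not exercise it, and tallying the log per protocol and action shows which one is being dropped. The log lines, addresses and dates are constructed in the Windows Firewall log layout; only the ports 12349, 1812, 64050 and 389 come from the post.

```python
from collections import Counter

# Constructed sample (not from the post): state before the UDP rule was added.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2024-01-01 10:00:01 DROP UDP 192.0.2.10 192.0.2.20 12349 1812 96 - - - - - - - RECEIVE
2024-01-01 10:00:04 DROP UDP 192.0.2.10 192.0.2.20 12349 1812 96 - - - - - - - RECEIVE
2024-01-01 10:00:09 ALLOW TCP 192.0.2.20 192.0.2.30 64050 389 0 - 0 0 0 - - - SEND
"""


def parse_firewall_log(text):
    """Yield one dict per entry, keyed by the names in the #Fields header."""
    fields = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split(":", 1)[1].split()
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed lines
                yield dict(zip(fields, values))


def summarize_port(entries, port):
    """Count (protocol, action) pairs for inbound traffic to one destination port."""
    counts = Counter()
    for entry in entries:
        if entry["dst-port"] == str(port) and entry["path"] == "RECEIVE":
            counts[(entry["protocol"], entry["action"])] += 1
    return counts


def blocked_protocols(counts):
    """Protocols that were dropped on the port and never allowed."""
    dropped = {proto for (proto, action) in counts if action == "DROP"}
    allowed = {proto for (proto, action) in counts if action == "ALLOW"}
    return sorted(dropped - allowed)


if __name__ == "__main__":
    radius = summarize_port(parse_firewall_log(SAMPLE_LOG), 1812)
    for (proto, action), n in sorted(radius.items()):
        print(f"{proto} 1812 {action}: {n}")
    print("blocked on 1812:", blocked_protocols(radius))
```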