11-14-2022 03:29 AM
Hello
First time trying to setup Duo mfa. Currently i have working solution where radius client connects to Windows NPS Radius server and get authenticated.
I installed Duo Auth Proxy in new server and made the following config:
[radius_client]
host=RadiusSever
secret=pass
port=1812
pass_through_all=true
[radius_server_auto]
ikey=xxx
skey=xxx
api_host=xxx
radius_ip_1=client 1 ip
radius_secret_1=pass
client=radius_client
But when i click validate i get error:
Testing section 'radius_client' with configuration:
[info] {'host': 'RadiusServer',
'pass_through_all': 'true',
'port': '1812',
'secret': '*****'}
[warn] We cannot confirm that the Auth Proxy was able to establish a RADIUS connection to RadiusServer:1812. In the case of an actual failure this may be due to a misconfigured secret or network issues. This may also happen if the upstream RADIUS Server does not support the Status-Server message
And in NPS error logs i get:
A RADIUS message with the Code field set to 12, which is not valid, was received on port 1812 from RADIUS client [Duo] Server. Valid values of the RADIUS Code field are documented in RFC 2865.
What could be the problem?
11-14-2022 08:11 AM
NPS doesn’t support the Status-Server message, that’s all. It doesn’t indicate an issue with your configuration.
When will the MS Server support Radius Code Field 12 (Status-Server)? (someone asking in a Microsoft forum if NPS will ever support it.)
11-14-2022 10:29 PM
Many thanks for the quick replay.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide