I use a Watchguard Firebox M200 connecting to the DUO proxy via RADIUS(on a non-standard port 1821) which sits on an existing RADIUS server.
When non-2FA users try to connect to the VPN, it works fine, connecting the users without the 2FA Duo Push prompt.
When I try with a 2FA user, I get the Duo Push prompt, which I tick, Duo authorizes as expected, but it does not connect to the VPN. Instead, I get an error message on the iPhone saying “A connection could not be established to the PPP server…”
If I remove Duo from the equation(ie set my Firebox to use a different Windows RADIUS server), my admin user connects just fine. ie. the VPN config appears to be fine.
Am I missing something with regards to my Windows RADIUS config?
Here’s my authproxy cfg;
host=192.168.10.31 <–this is the Windows RADIUS server which also has the Duoproxy installed
; SERVERS: Include one or more of the following configuration sections.
; To configure more than one server configuration of the same type, append a
; number to the section name (e.g. radius_server_auto1, radius_server_auto2)
radius_ip_1=192.168.10.1 <— this is the Watchguard Firebox which is setup to connect to the Duoproxy RADIUS server on port 1821