Any ideas on this one guys? Can't find a solution and its stopped us proceeding. I've emailed Duo support who we use as a RADIUS proxy for MFA but no word back from them either.
> On 10 Jul 2018, at 07:57, Christian Salway <[email protected]> > wrote: > > Why would it fail after getting an approved access from RADIUS > > 12[CFG] sending RADIUS Access-Request to server 'primary' > 16[MGR] ignoring request with ID 5, already processing > 09[MGR] ignoring request with ID 5, already processing > 12[CFG] received RADIUS Access-Accept from server 'primary' > 12[IKE] RADIUS authentication of 'test' successful > 12[IKE] EAP method EAP_MSCHAPV2 succeeded, no MSK established > 12[ENC] generating IKE_AUTH response 5 [ EAP/SUCC ] > 12[NET] sending packet: from 172.31.19.40[4500] to 86.2.58.36[4500] (80 bytes) > 06[NET] received packet: from 86.2.58.36[4500] to 172.31.19.40[4500] (112 > bytes) > 06[ENC] parsed IKE_AUTH request 6 [ AUTH ] > 06[IKE] verification of AUTH payload without EAP MSK failed > 06[ENC] generating IKE_AUTH response 6 [ N(AUTH_FAILED) ]
