Hi,
We have a new Sophos XG and can't get the Sophos Connect VPN to work with Radius. Support have been looking at this for around 2 weeks and no luck yet so I'm reaching out to see if anyone might have any ideas.
We have Radius configured and passing the tests fine but when trying to connect using an AD username and password on Sophos Connect it doesn't accept it with "User Authentication Failed"
If we have PAP turned off on the NPS server we get a message in event viewer saying:
Authentication Type: PAP
EAP Type: -
Account Session Identifier: -
Logging Results: Accounting information was written to the local log file.
Reason Code: 66
Reason: The user attempted to use an authentication method that is not enabled on the matching network policy.
If we turn PAP on then we get nothing in event viewer. No matter what auth settings we use in NPS we get the following messaging on the firewall:
"User {username} failed to login to VPN through RADIUS authentication mechanism because of access not allowed"
We have tried all this with Active Directory authentication and get the exact same results.
Lastly, any AD user can log into the XG User Portal with no issues. This then adds them as a local user account on the firewall and they can then use Sophos Connect. Ideally, we don't have to have to get all our users to log into the portal first before being able to use the VPN
We are running firmware: SFOS 18.0.3 MR-3
Cheers
This thread was automatically locked due to age.
