Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 27 subscribers
  • Views 1650 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN Client with Azure MFA push?

Phillip Sumby

When I type my credentials and connect, I receive an Authenticator Push and accept it, shortly after I recieve the credential window of the VPN client again. The logs on the Radius server show successful authentication was completed, but isn't being accepted by the Firewall for some reason, evidenced by the client never connecting. On the sophos side, there aren't any authentication failures showing in the logs. SSLVPN client logs show the push request followed by SENT CONTROL [username]: 'AUTH_FAILED' (status=1).

Any help would be greatly appreciated. Does anyone know what i could be missing here?

Thanks



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to the Community.

    I would advise you to put the access_server process in debugging, replicate the issue and provide access_server logs in debugging. 

    Follow this KB Article to SSH into the XG firewall: Sophos XG Firewall: How to SSH to the firewall using PuTTY utility

    Select Option 5 (Device Management) > Option 3 (Advance Shell)

    Run this command to put the access_server service in debug:

    • service access_server:debug -d -s nosync

    Please check out the following KBA to locate and capture the logs: Sophos XG Firewall: Where to find log files?

    Once you capture the access_server logs in debugging, run the same command to put access_server service in normal running mode. 

    Run this command to check service status :

    •  service -S | grep access_server

    SFVUNL_VM01_SFOS 17.5.11 MR-11# service -S | grep access_server
    access_server RUNNING,DEBUG

    Please PM me the logs and username. 

    Thanks,

Reply
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to the Community.

    I would advise you to put the access_server process in debugging, replicate the issue and provide access_server logs in debugging. 

    Follow this KB Article to SSH into the XG firewall: Sophos XG Firewall: How to SSH to the firewall using PuTTY utility

    Select Option 5 (Device Management) > Option 3 (Advance Shell)

    Run this command to put the access_server service in debug:

    • service access_server:debug -d -s nosync

    Please check out the following KBA to locate and capture the logs: Sophos XG Firewall: Where to find log files?

    Once you capture the access_server logs in debugging, run the same command to put access_server service in normal running mode. 

    Run this command to check service status :

    •  service -S | grep access_server

    SFVUNL_VM01_SFOS 17.5.11 MR-11# service -S | grep access_server
    access_server RUNNING,DEBUG

    Please PM me the logs and username. 

    Thanks,

Children
No Data