USG Flex 200 - L2TP over IPsec, not working after firmware 5.30

syraarpe · May 2022

Hello there

After upgrading Flex 200 from firmware 5.20 to 5.30, our users cant sign in anymore.
Anyone get the samme error.

Image: https://us.v-cdn.net/6029482/uploads/editor/fa/c0jn4u20y8lu.png

We are using RADIUS for Duo.
If we create a local test-user in the Flex200, its works.
But then our duo/2-factor not working

Solution is to run users on the "Local"

So radius is not working anymore.

syraarpe · May 2022

@mMontana
We found it.

They have made a change for concatenate auth, so its enabled by default.

Image: https://us.v-cdn.net/6029482/uploads/editor/kj/4ku9ldca7bgr.png

Works again.
Case closed.

mMontana · May 2022

Verify the paths and credentials for accessing from USG Flex 200 to Radius. Also, change log details for debugging if the appliance can:

contact the server
access the server
query the user
and the user data is provided back to the device

syraarpe · May 2022

@mMontana
We found it.

They have made a change for concatenate auth, so its enabled by default.

Works again.
Case closed.

mMontana · May 2022

Thanks for sharing the correction made for solving the issue @syraarpe.

Thanks also for trusting the recheck of parameters. Sometimes the assumption "worked before" is the worst partner for problem solving. :-)

Zyxel_Cooldia · May 2022

Thanks for the issue report. COA should not be tick after firmware update. I will report this issue internally.

Zyxel_Cooldia · May 2022

Status update. This issue will be fixed in next firmware.

USG Flex 200 - L2TP over IPsec, not working after firmware 5.30

Accepted Solution

All Replies

Categories

Security Highlight

Security Help Center