Community discussions

MikroTik App
 
olivier56
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 70
Joined: Wed Aug 15, 2018 8:26 pm

mikrotik client radius server2019

Sat Mar 20, 2021 1:25 pm

hi
i try with multi tutoriel like
https://sudonull.com/post/64810-Authori ... r-MikroTik
to use server 2019 nps for connect vpn with domain user but don t work

Autentification failed , password or user account may be wrong but when i try vpn connection directelly with server 2019 , i can connect.
mar/19 20:55:40 l2tp,info first L2TP UDP packet received from 192.168.2.116
mar/19 20:55:40 l2tp,ppp,error <192.168.2.116>: user test authentication failed -
radius timeout
mar/19 20:55:40 ipsec,info purging ISAKMP-SA 172.16.0.253[500]<=>192.168.2.116[500
] spi=c9e9cc44109ce00e:6609ffd5cba3a376.
mar/19 20:55:40 ipsec,info ISAKMP-SA deleted 172.16.0.253[500]-192.168.2.116[500]
spi:c9e9cc44109ce00e:6609ffd5cba3a376 rekey:1

someone have a tutorial with server 2019

conection vpn l2tp authentification with a account microtik work correctelly.

thank you
 
olivier56
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 70
Joined: Wed Aug 15, 2018 8:26 pm

Re: mikrotik client radius server2019

Mon Mar 22, 2021 8:20 pm

hi
no one can help me :)

br
 
tdw
Forum Guru
Forum Guru
Posts: 1843
Joined: Sat May 05, 2018 11:55 am

Re: mikrotik client radius server2019

Mon Mar 22, 2021 8:40 pm

The "radius timeout" message in the log implies either a problem with the RADIUS traffic between Mikrotik and Windows server caused by firewalling and/or routing, or NPS is incorrectly configured. Obviously you can't authenticate CHAP against AD either, only PAP or MSCHAPv2.
 
olivier56
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 70
Joined: Wed Aug 15, 2018 8:26 pm

Re: mikrotik client radius server2019

Tue Mar 23, 2021 2:32 pm

hi

for my test i disabled firewall from windows server and my mikrotik don t have firewall,
i use my router os like switch .
but my server test is on hyperv.
br
 
olivier56
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 70
Joined: Wed Aug 15, 2018 8:26 pm

Re: mikrotik client radius server2019

Mon Apr 26, 2021 3:11 pm

hi

windows reject connection

2021-04-26 14:03:02 DROP UDP 172.16.0.253 172.16.0.57 54242 1812 225 - - - - - - - RECEIVE
2021-04-26 14:03:02 DROP UDP 172.16.0.253 172.16.0.57 54242 1812 225 - - - - - - - RECEIVE
2021-04-26 14:03:02 DROP UDP 172.16.0.253 172.16.0.57 54242 1812 225 - - - - - - - RECEIVE

2021-04-26 14:03:16 DROP UDP 172.16.0.253 172.16.0.57 50962 1812 225 - - - - - - - RECEIVE
2021-04-26 14:03:17 DROP UDP 172.16.0.253 172.16.0.57 50962 1812 225 - - - - - - - RECEIVE
2021-04-26 14:03:17 DROP UDP 172.16.0.253 172.16.0.57 50962 1812 225 - - - - - - - RECEIVE
why Mikrotik don t use 1812 scr-port ,

thank you
 
tdw
Forum Guru
Forum Guru
Posts: 1843
Joined: Sat May 05, 2018 11:55 am

Re: mikrotik client radius server2019

Mon Apr 26, 2021 4:15 pm

There is nothing the the RADIUS specification which insists on the source port being fixed, as with many other protocols the client OS can pick an available port.

If you are seeing drop messages from the windows firewall you have not disabled it as you claimed to have done in the previous post.
 
olivier56
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 70
Joined: Wed Aug 15, 2018 8:26 pm

Re: mikrotik client radius server2019

Mon Apr 26, 2021 4:25 pm

hi
i desactived before for the test.
now is actived,

I agree wth you about protocol , i don t know why my server don t accept connection from my Mikrotik.

may be i forget somethin in NPS configuration but i don t know what....

br
 
tdw
Forum Guru
Forum Guru
Posts: 1843
Joined: Sat May 05, 2018 11:55 am

Re: mikrotik client radius server2019

Mon Apr 26, 2021 4:41 pm

If the firewall is active and blocking RADIUS requests it does point to something missing from the NPS configuration - there may be something extra required on Server2019 compared with earlier versions. As it isn't Mikrotik-specific it would be better to find a Windows forums covering third-party devices using NPS.
 
olivier56
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 70
Joined: Wed Aug 15, 2018 8:26 pm

Re: mikrotik client radius server2019

Mon Apr 26, 2021 8:39 pm

 
Tsago
just joined
Posts: 1
Joined: Thu Feb 16, 2023 6:50 pm

Re: mikrotik client radius server2019

Thu Feb 16, 2023 6:51 pm

hi

for my test i disabled firewall from windows server and my mikrotik don t have firewall,
i use my router os like switch .
but my server test is on hyperv.
br

Thanks. It was Firewall issue AD side

Who is online

Users browsing this forum: GoogleOther [Bot] and 42 guests