Hello all,
MK In RouterOS 6.38.1 added new features like:
*** ipsec - added IKEv1 xauth user authentication with RADIUS "/ip ipsec user settings set xauth-use-radius=yes";
*** radius - added IPSec service (cli only);
Earlier I have been configured L2TP/IPSEC VPN authentication using mikrotik built-in radius server called User Manager. All configuration was done something like shown in this link: https://aacable.wordpress.com/tag/account-expired. This configuration is working.
Now I try to do the same thing, but just with IPsec and new software features.
User authentication isn't working, when I add statically users in /ip ipsec user - users are authenticating and all is working.
Why with the same UserManager configuration L2TP/IPSec working but IPSec isn't?????
IPsec log:
> > ipsec,info respond new phase 1 (Identity Protection):
> > x.x.x.x [500]<=>x.x.x.x [500]
> > ipsec,info ISAKMP-SA established
> > x.x.x.x [500]-x.x.x.x[500]
> > spi:76817ae07f6683da:1edd916b089054aa
> > ipsec,info Xauth login failed for user: 123
User-Manager log:
customer=admin user-orig="123" calling-station-id="\C0\E0N\E2\C4\12\86\ED" host-ip=x.x.x.x status=accounting-failure description="missing Acct-Session-Id attribute"