VPN client | Authentication failed for several users in periodic basis

ddrako
Comes here often

VPN client | Authentication failed for several users in periodic basis

Hello dear Meraki community members !

We are facing the following issue periodically (2 - 3 consequent days in a monthly basis usually):

One or more users who are trying to authenticate with Cisco Secure Client to our MX68CW-WW Firewall, receive 'Authentication Failed'. The issue appears although the password they are using is correct.

Then, after 2 - 3 days the issue gets resolved without any intervention. It appears again after 15 - 20 days.

Please advise 

Thank you !issue.png

5 Replies 5
MartinLL
A model citizen

Which AAA server are you using?

MLL
ddrako
Comes here often

I guess that is 'Meraki Cloud Authentication'

PhilipDAth
Kind of a big deal
Kind of a big deal

Whatever you are authenticating against, AD, RADIUS, SAML - what does it say about the authentication attempt?  Did it say that the authentication attempt was allowed?

ddrako
Comes here often

Thank you for your reply ! 

From the perspective of the client, It just doesn't accept the password and prompts the Username/Password fields again. From the perspective of the Meraki Dashboard (see attached screenshot) it says 'AAA authentication failed retrieval = 7 Authentication failure'

Pavithran_Che
Here to help

Take Meraki support in the call and do a packet capture on the VPN interface to see the ingress and egress traffic to Meraki authentication. I think Meraki support also has access to backend logs to see whether the authentication is reaching the server. 

Get notified when there are additional replies to this discussion.