Skip to main content
kamarale
kamarale
New Member
May 22, 2025
Question

Problem with dialup IPSEC IKEV2 using RADIUS (Fortiauthenticator) and Forticlient

  • May 22, 2025
  • 1 reply
  • 1916 views

Hello,

 

I was not able to make ikev2 work. Ikev1 works ok. Ikev2 but with local authentication(local users in FGT) works ok.

But the integration with Fortiauthenticator does not work.

The forticlient says:

Wrong credentials EAP failed connection to ...

Versions:

FGT:7.4.7

FCT: 7.4.3

FAC: 6.6

 

I have followed this guides:

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Using-IKEv2-for-a-dial-up-IPsec-tunnel-with/ta-p/229663

https://community.fortinet.com/t5/FortiGate/Technical-Tip-IKEv2-dialup-IPsec-tunnel-with-Radius-server/ta-p/191040

 

But this guides show how to enable EAP-MSCHAPv2 in NPS, I did not find info about Fortiauthenticator.

In Fortiauthenticator ,in Radius Policy I enabled EAP protocols and does not work.

 

Does anyone have any clue? Any help is appreciate it.

thank you!

Regards.

 

 

 

 

1 reply

kaman
Staff
kaman
Staff
May 25, 2025

Hi kamarale,

Note: The option is only available when the Authentication type is Password/OTP authentication with Accept EAP > EAP-MSCHAPv2 enabled.

Please refer to the below documents for more information:

https://docs.fortinet.com/document/fortiauthenticator/6.6.2/administration-guide/416152/policies

https://community.fortinet.com/t5/FortiAuthenticator/Technical-Tip-8021x-PEAP-MSCHAP-V2-with-FortiAuthenticator-and/ta-p/380839


Regards
Aman

    Terms & ConditionsAccessibility statement