I have a NPS server to made a authentication for VPN users. Because I want the firewall (R77.30) can understand the IP and username of the VPN traffic, I set up the accounting forwarding on the NPS, to the checkpoint R77.30. On the Checkpoint I configured the RADIUS Accounting under the Identity awareness. It works fine, now I can make a user rules on the checkpoint to filter the access from the VPN subnet to the resources on the LAN.
But, the NPS server logging a lot of errors on any clients authentication. Base on the testing, the errors are caused by forwarding the accounting information. The users authentication works great, just a lot of errors on the server side.
When I disabled the accounting forwarding, the errors from the NPS disappeared. What I know, the NPS expecting answer even for forwarded accounting information. Do you know if is possible to tweak the R77.30 somehow, to avoid these errors?
I can simply ignore it, but in the case of "rear" error, it will be difficult the recognize it, to solve it. Every connection throw around 5 logs - 4x ID 32, 1x ID 20271
NPS Accounting forward enabled -> R77.30 understand to traffic -> NPS server loggins errors -> VPN authetication works
NPS Accountign forward disabled -> R77.30 don't know the username for the client IP -> NPS server without error -> VPN authetication works
Thank you for any suggestion.