How to configure USG Series to authenticate SSL VPN client with Microsoft Active Directory
For example, we have a AD server with the configuration as below:
- IP:192.168.1.35
- Domain name: cso.net
- Domain user: aduser
- Domain administrator: administrator
- Domain administrator's password: admin1234
[Configuration Steps]
Step 1: Building an SSL Application (wheter for Web application or File Sharing)
Step 2: Add a user on the Domain server named "aduser"
Step 3: Add a user on the ZyWALL and select the user type as Ext-User
Step 4: On the ZyWALL, click "SSL" from left panel and add the user "aduser" to the policy of the SSL Application that you added on step 2.
Step 5: Configuring the Auth.Method, add the "group ad" in the default method.
Step 6: Configuring the AAA server from "Object" > "AAA Server" > Active Directory and refer the parameters listed below to complete the settings.
[Paramaters]
Host: 192.168.1.35
Port: 389
Bind DN: cn=administrator,cn=users,dc=cso,dc=net
Server Search Base: dc=cso,dc=net
Bind DN: cn=administrator,cn=users,dc=cso,dc=net
Password: admin1234(Domain administrator's password)
Base DN: dc=cso,dc=net
CN Identifier: sAMAccountNAME
Search time limit: 5
Categories
- All Categories
- 390 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 51 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 331 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 879 Nebula FAQ
- 414 Security FAQ
- 220 Switch FAQ
- 194 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 61 Security Highlight