Zyxel USG60W - VPN over L2TP with domain authentication
Hello everyone, i have a problem on my Zyxel USG60W. I want to open a VPN over L2TP with domain authentication but it doesn´t work. The connection between the Zyxel and the domain controller works. (i tested that in the AAA Server and in the ext-group-user). It works with local users.
Log Messages:
Log Messages:
5 |
15.09.2021 08:52 |
info |
IKE |
Recv:[HASH][NOTIFY:R_U_THERE_ACK] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
6 |
15.09.2021 08:52 |
info |
IKE |
The cookie pair is : 0xbfb4e088911027c6 / 0x6d69b60162e17f14 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
7 |
15.09.2021 08:52 |
info |
IKE |
Send:[HASH][NOTIFY:R_U_THERE] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
8 |
15.09.2021 08:52 |
info |
IKE |
The cookie pair is : 0x6d69b60162e17f14 / 0xbfb4e088911027c6 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
22 |
15.09.2021 08:51 |
info |
IKE |
Recv:[HASH][NOTIFY:R_U_THERE_ACK] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
23 |
15.09.2021 08:51 |
info |
IKE |
The cookie pair is : 0xbfb4e088911027c6 / 0x6d69b60162e17f14 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
24 |
15.09.2021 08:51 |
info |
IKE |
Send:[HASH][NOTIFY:R_U_THERE] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
25 |
15.09.2021 08:51 |
info |
IKE |
The cookie pair is : 0x6d69b60162e17f14 / 0xbfb4e088911027c6 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
46 |
15.09.2021 08:51 |
info |
IKE |
Recv:[HASH][NOTIFY:R_U_THERE_ACK] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
47 |
15.09.2021 08:51 |
info |
IKE |
The cookie pair is : 0xbfb4e088911027c6 / 0x6d69b60162e17f14 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
48 |
15.09.2021 08:51 |
info |
IKE |
Send:[HASH][NOTIFY:R_U_THERE] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
49 |
15.09.2021 08:51 |
info |
IKE |
The cookie pair is : 0x6d69b60162e17f14 / 0xbfb4e088911027c6 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
75 |
15.09.2021 08:50 |
info |
IKE |
Recv:[HASH][NOTIFY:R_U_THERE_ACK] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
76 |
15.09.2021 08:50 |
info |
IKE |
The cookie pair is : 0xbfb4e088911027c6 / 0x6d69b60162e17f14 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
77 |
15.09.2021 08:50 |
info |
IKE |
Send:[HASH][NOTIFY:R_U_THERE] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
78 |
15.09.2021 08:50 |
info |
IKE |
The cookie pair is : 0x6d69b60162e17f14 / 0xbfb4e088911027c6 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
126 |
15.09.2021 08:50 |
info |
IKE |
Recv:[HASH][NOTIFY:R_U_THERE_ACK] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
127 |
15.09.2021 08:50 |
info |
IKE |
The cookie pair is : 0xbfb4e088911027c6 / 0x6d69b60162e17f14 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
128 |
15.09.2021 08:50 |
info |
IKE |
Send:[HASH][NOTIFY:R_U_THERE] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
129 |
15.09.2021 08:50 |
info |
IKE |
The cookie pair is : 0x6d69b60162e17f14 / 0xbfb4e088911027c6 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
169 |
15.09.2021 08:49 |
info |
IKE |
Recv:[HASH][NOTIFY:R_U_THERE_ACK] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
170 |
15.09.2021 08:49 |
info |
IKE |
The cookie pair is : 0xbfb4e088911027c6 / 0x6d69b60162e17f14 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
171 |
15.09.2021 08:49 |
info |
IKE |
Send:[HASH][NOTIFY:R_U_THERE] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
172 |
15.09.2021 08:49 |
info |
IKE |
The cookie pair is : 0x6d69b60162e17f14 / 0xbfb4e088911027c6 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
196 |
15.09.2021 08:49 |
info |
IKE |
Recv:[HASH][NOTIFY:R_U_THERE_ACK] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
197 |
15.09.2021 08:49 |
info |
IKE |
The cookie pair is : 0xbfb4e088911027c6 / 0x6d69b60162e17f14 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
198 |
15.09.2021 08:49 |
info |
IKE |
Send:[HASH][NOTIFY:R_U_THERE] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
199 |
15.09.2021 08:49 |
info |
IKE |
The cookie pair is : 0x6d69b60162e17f14 / 0xbfb4e088911027c6 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
216 |
15.09.2021 08:48 |
info |
IKE |
Recv:[HASH][NOTIFY:R_U_THERE_ACK] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
217 |
15.09.2021 08:48 |
info |
IKE |
The cookie pair is : 0xbfb4e088911027c6 / 0x6d69b60162e17f14 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
218 |
15.09.2021 08:48 |
info |
IKE |
Send:[HASH][NOTIFY:R_U_THERE] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
219 |
15.09.2021 08:48 |
info |
IKE |
The cookie pair is : 0x6d69b60162e17f14 / 0xbfb4e088911027c6 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
235 |
15.09.2021 08:48 |
info |
IKE |
Recv:[HASH][NOTIFY:R_U_THERE_ACK] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
236 |
15.09.2021 08:48 |
info |
IKE |
The cookie pair is : 0xbfb4e088911027c6 / 0x6d69b60162e17f14 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
237 |
15.09.2021 08:48 |
info |
IKE |
Send:[HASH][NOTIFY:R_U_THERE] |
xxxx:500 |
xxxx:500 |
IKE_LOG |
238 |
15.09.2021 08:48 |
info |
IKE |
The cookie pair is : 0x6d69b60162e17f14 / 0xbfb4e088911027c6 |
xxxx:500 |
xxxx:500 |
IKE_LOG |
245 |
15.09.2021 08:48 |
info |
IKE |
ISAKMP SA [WIZ_L2TP_VPN] is disconnected |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
246 |
15.09.2021 08:48 |
info |
IKE |
The cookie pair is : 0xecbacc75b0634906 / 0xb9ae4aada8779639 |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
247 |
15.09.2021 08:48 |
info |
IKE |
Received delete notification |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
248 |
15.09.2021 08:48 |
info |
IKE |
Recv:[HASH][DEL] [count=2] |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
249 |
15.09.2021 08:48 |
info |
IKE |
The cookie pair is : 0xb9ae4aada8779639 / 0xecbacc75b0634906 [count=3] |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
260 |
15.09.2021 08:47 |
info |
IKE |
Dynamic Tunnel [WIZ_L2TP_VPN:WIZ_L2TP_VPN:0x27120216] built successfully |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
261 |
15.09.2021 08:47 |
info |
IKE |
[ESP 3des-cbc|hmac-sha1-96][SPI 0xdb3cd34f|0x27120216][Lifetime 3620] |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
262 |
15.09.2021 08:47 |
info |
IKE |
[Policy: ipv4(udp:1701,81.223.65.30)-ipv4(udp:1701,172.24.11.133)] |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
263 |
15.09.2021 08:47 |
info |
IKE |
[Responder:81.223.65.30][Initiator:80.122.193.250] |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
264 |
15.09.2021 08:47 |
info |
IKE |
Recv:[HASH] |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
265 |
15.09.2021 08:47 |
info |
IKE |
Send:[HASH][SA][NONCE][ID][ID][PRV][PRV] |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
266 |
15.09.2021 08:47 |
info |
IKE |
Recv TSi: ipv4(udp:1701,172.24.11.133), TSr: ipv4(udp:1701,81.223.65.30). |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
267 |
15.09.2021 08:47 |
info |
IKE |
Recv IPSec sa: SA([0] protocol = ESP (3), spi_len = 4, spi = 0x00000000, AES CBC key len = 256, HMAC-SHA1-96, No ESN, AES CBC key len = 128, 3DES, DES, NULL; ). |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
268 |
15.09.2021 08:47 |
info |
IKE |
Recv:[HASH][SA][NONCE][ID][ID][PRV][PRV] |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
269 |
15.09.2021 08:47 |
info |
IKE |
Phase 1 IKE SA process done |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
270 |
15.09.2021 08:47 |
info |
IKE |
Send:[ID][HASH] |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
271 |
15.09.2021 08:47 |
info |
IKE |
The cookie pair is : 0xecbacc75b0634906 / 0xb9ae4aada8779639 [count=7] |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
272 |
15.09.2021 08:47 |
info |
IKE |
Recv:[ID][HASH] |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
273 |
15.09.2021 08:47 |
info |
IKE |
The cookie pair is : 0xb9ae4aada8779639 / 0xecbacc75b0634906 [count=3] |
xxxx:4500 |
xxxx:4500 |
IKE_LOG |
274 |
15.09.2021 08:47 |
info |
IKE |
Send:[KE][NONCE][PRV][PRV] |
xxxx:500 |
xxxx:1011 |
IKE_LOG |
276 |
15.09.2021 08:47 |
info |
IKE |
Recv:[KE][NONCE][PRV][PRV] |
xxxx:1011 |
xxxx:500 |
IKE_LOG |
277 |
15.09.2021 08:47 |
info |
IKE |
Send:[SA][VID][VID][VID][VID][VID][VID][VID][VID][VID][VID] |
xxxx:500 |
xxxx:1011 |
IKE_LOG |
278 |
15.09.2021 08:47 |
info |
IKE |
The cookie pair is : 0xecbacc75b0634906 / 0xb9ae4aada8779639 [count=2] |
xxxx:500 |
xxxx:1011 |
IKE_LOG |
279 |
15.09.2021 08:47 |
info |
IKE |
Recv IKE sa: SA([0] protocol = IKE (1), AES CBC key len = 256, HMAC-SHA1 PRF, HMAC-SHA1-96, 384 bit ECP, AES CBC key len = 128, 256 bit ECP, 2048 bit MODP, 3DES, 1024 bit MODP; ). |
xxxx:1011 |
xxxx:500 |
IKE_LOG |
280 |
15.09.2021 08:47 |
info |
IKE |
Recv:[SA][VID][VID][VID][VID][VID][VID][VID][VID] |
xxxx:1011 |
xxxx:500 |
IKE_LOG |
281 |
15.09.2021 08:47 |
info |
IKE |
The cookie pair is : 0xb9ae4aada8779639 / 0xecbacc75b0634906 [count=2] |
xxxx:1011 |
xxxx:500 |
IKE_LOG |
282 |
15.09.2021 08:47 |
info |
IKE |
Recv Main Mode request from [80.122.193.250] |
xxxx:1011 |
xxxx:500 |
IKE_LOG |
283 |
15.09.2021 08:47 |
info |
IKE |
The cookie pair is : 0xecbacc75b0634906 / 0x0000000000000000 |
xxxx:1011 |
xxxx:500 |
IKE_LOG |
0
All Replies
-
Can your L2TP VPN tunnel built by local user success? (e.g. admin)
You can refer to FAQ to make sure your configuration is correct first and try to build tunnel by admin first.
And also, you can login USG web portal by your AD account first to make sure your external Auth is correct.
And you can only left "PAP" in authentication protocol.
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight