[ATP/FLEX] How to Set Up L2TP IPSec VPN with AD Authentication on Nebula?
Zyxel Employee
Nebula Cloud provides VPN solutions that can authenticate through an AD server for L2TP over IPsec VPN / IPsec VPN.
Configure Steps
Using Windows Server 2016 as the AD server
1. AD server installation
Install an AD Server and set it as a domain controller. If installed in a virtual machine, make sure that the virtual NIC needs to be bridged to the physical NIC.
2. AD server configuration
Navigate to Configure > Firewall > Firewall settings, input the name, server IP address, AD domain, and administrator username/password. The default service port is 389.
3. L2TP over IPsec Remote VPN configuration
Navigate to Configure > Firewall > Remote access VPN, input the secret and select the AD server as the Authentication method
4. Set up L2TP VPN on Windows PC
Settings > Network & Internet > VPN > Add a VPN connection
a. VPN Provider: Drop down to select Windows(built-in)
b. Input Connection name
c. Input Nebula device Public IP
d. VPN type: L2TP/IPsec with pre-shared key
e. Per-shared key: input the pre-shared key that set up on Nebula
f. Input VPN username/password(which is the user on AD server)
g. Navigate to Control Panel > Network and Sharing Center > Change Adapter settings, tick the VPN interface we just added > Properties > Security, make sure the VPN type is L2TP/IPsec and tick “Unencrypted password(PAP)”
Test the Result
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 142 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 234 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 246 Service & License
- 387 News and Release
- 82 Security Advisories
- 28 Education Center
- 9 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight