[ATP/FLEX] How to Set up IKEv1 VPN tunnel and Authenticate with your AD server on Nebula Gateway

Zyxel_Stanley
Zyxel_Stanley Posts: 1,217
100 Answers 1000 Comments Friend Collector Fifth Anniversary
 Guru Member
edited June 2022 in VPN

Nebula Control Center provides a VPN solution that allows remote VPN users to connect VPN tunnels from Internet. This guide will assist in the configuration IKEv1 VPN tunenl and authenticating with exist AD domain server.

Set up external authentication server setting

Go to Firewall > Configuration > Firewall Settings and configure AD information in “My AD Server” and set up:

a. Authentication object name

b. AD Server IP address

c. AD service port

d. AD domain name

e. Domain admin account

f. Domain admin account password


Set up VPN setting on gateway

Go to Firewall > Configuration > Remote access VPN page and enable IPSec VPN Server function and set up:

a. Client VPN Subnet.

b. IKE version

c. DNS server (optional or stay in default)

d. Secret key

e. Authentication Type.


Configure VPN setting on your iPhone

Go to Setting > General > VPN & Device Management > VPN and click on Add VPN Configuration button to create a VPN profile on your iPhone and set up:

a. VPN Type

b. VPN Description

c. Server IP address

d. AD account

e. AD account password

f. Secret key


Test the Result

After VPN tunnel is established, the status will display as Connected on your iPhone and a VPN icon displays on title bar.


You can also check the VPN client status on Nebula server.

Go to Firewall > Monitor > VPN Connections > Client to site VPN login account. It will display authenticated name, assigned IP, and incoming IP address.