L2TP VPN Active Directory authentication does not work
Hi everyone,
I'm trying to set up an L2TP/IPSec VPN with AD authentication but it does not work because my user is rejected. The appliance is a USG Flex 100 managed by Nebula.
First of all, I add my AD to Nebula

And I configure the VPN server with my AD for authentication

Then I add a test user to my AD users

And finally, here is the log when trying to connect to this VPN

It's really surprising because I'm 200% sure of the username and password.
Am I doing something wrong? Please also note that the USG Flex is correctly added to my AD in the "Computers" section.
Should I configure something else on my AD? NPS maybe? Or should the user be added to a specific group?
Thanks,
Sebastien
All Replies
Hello @Sébastien,
Please confirm the account can be queried by your firewall. Connect to the console port and input:
_debug domain-auth test profile-name example.profile.name username example.username password example.password
Moreover, please provide the org/site to me via private message, and enable Zyxel support access. You can find it at Help > Support Request > Zyxel support access. I would like to check on your device, thank you.
James
Dear James,
I have tried the command using an SSH connection to the router, and the answer is:
% Get AD group VDC has failed
retval = -24004
ERROR: Display AAA group has failed.
Where VDC is the name of my AD configuration in Nebula.
What does this mean?
Thanks,
Sébastien