USG FLEX 200 with LDAP: Restrict WPA2-Enterprise login to specific AD group
Hi everyone,
I'm using a USG FLEX 200 as an AP controller for several WAC6103D access points.
I want to use WPA2-Enterprise authentication with LDAP (Active Directory).
So far, the connection works. My current Base DN is:
CN=Users,DC=ad,DC=mynet,DC=de
However, I want to restrict authentication to only users in the group:
CN=Mitarbeiter,CN=Users,DC=ad,DC=mynet,DC=de
My question:
How can I configure the Zyxel system to only allow authentication for that specific group?
Is there a way to apply an LDAP filter or similar method?
Thanks in advance!
PS:
Important note: Changing the structure of the AD tree is not an option.
Migrated from NXC2500 to USG Flex 200 with hope for a Solution :-)
Accepted Solution
Hi @nxc_neuling ,
Based on your description, it seems that CN=Mitarbeiter is contained within CN=Users, making CN=Users the parent/mother folder. There is no way to configure the Zyxel firewall to allow authentication for users in the parent/mother folder on the AP server while restricting authentication for another group within it.
Zyxel_Judy
0
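An added example, not part of the thread and not a Zyxel setting: it models the two DNs from the question to show why a Base DN cannot select group members. A subtree search matches by DN position, while group membership lives in each user's memberOf attribute, so the block also builds the escaped filter an LDAP client that accepts filters would use. The user entries `anna` and `gast` and all function names are constructed for illustration.

```python
import re

# DNs come from the thread; the two user entries are constructed sample data.
BASE_DN = "CN=Users,DC=ad,DC=mynet,DC=de"
GROUP_DN = "CN=Mitarbeiter,CN=Users,DC=ad,DC=mynet,DC=de"
DIRECTORY = [
    {"dn": GROUP_DN, "objectClass": "group"},
    {"dn": "CN=Anna Beispiel," + BASE_DN, "objectClass": "user",
     "sAMAccountName": "anna", "memberOf": [GROUP_DN]},
    {"dn": "CN=Gast Konto," + BASE_DN, "objectClass": "user",
     "sAMAccountName": "gast", "memberOf": []},
]


def subtree_users(base_dn):
    """Users a subtree search under base_dn can see (DN suffix match only)."""
    base = base_dn.lower()
    return sorted(e["sAMAccountName"] for e in DIRECTORY
                  if e["objectClass"] == "user"
                  and (e["dn"].lower() == base
                       or e["dn"].lower().endswith("," + base)))


def escape_filter_value(value):
    """Escape the RFC 4515 special characters so input cannot alter the filter."""
    return re.sub(r"[\\*()\x00]", lambda m: "\\%02x" % ord(m.group()), value)


def group_filter(username, group_dn=GROUP_DN):
    """Filter string that matches one user only if it is in group_dn."""
    return "(&(objectClass=user)(sAMAccountName=%s)(memberOf=%s))" % (
        escape_filter_value(username), escape_filter_value(group_dn))


def group_users(group_dn=GROUP_DN):
    """Users whose memberOf attribute lists group_dn (direct membership)."""
    return sorted(e["sAMAccountName"] for e in DIRECTORY
                  if group_dn.lower() in [g.lower() for g in e.get("memberOf", [])])


if __name__ == "__main__":
    print(subtree_users(BASE_DN))    # every account in the container
    print(subtree_users(GROUP_DN))   # empty: users do not sit below the group
    print(group_users())             # only the group's members
    print(group_filter("anna"))
```

Pointing the Base DN at the group returns no users because the group is a sibling object in the same container, not a parent of the accounts.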
