USG FLEX 200 with LDAP: Restrict WPA2-Enterprise login to specific AD group




Hi everyone,
I'm using a USG FLEX 200 as an AP controller for several WAC6103D access points.
I want to use WPA2-Enterprise authentication with LDAP (Active Directory).
So far, the connection works. My current Base DN is:
CN=Users,DC=ad,DC=mynet,DC=de
However, I want to restrict authentication to only users in the group:
CN=Mitarbeiter,CN=Users,DC=ad,DC=mynet,DC=de
My question:
How can I configure the Zyxel system to only allow authentication for that specific group?
Is there a way to apply an LDAP filter or similar method?
Thanks in advance!
PS:
Important note: Changing the structure of the AD tree is not an option.
Migrated from NXC2500 to USG Flex 200 with hope for a Solution :-)
Accepted Solution
Hi @nxc_neuling ,
Based on your description, it seems like the CN=Mitarbeiter is contained within CN=Users, making CN=Users the parent/mother folder. There is no way to configure the Zyxel firewall to allow authentication for users in the parent/mother folder on AP server while restricting authentication for another group within it.
Zyxel_Judy