Windows Netwok Policy Server as Radius
Freshman Member
We have a Flex 500 Zyxel firewall and a Windows 2019 Server on the system. The clients are remotely connecting to the network via L2TP VPN. We want to use the Windows Network Policy Server for Radius authentication on the firewall, but no matter what condition we specify in the NPS, in the Connection Request Policy, the error message is always the same:
Reason Code: 49
Reason: The RADIUS request did not match any configured connection request policy (CRP).
0
All Replies
-
Hi @AdminSys ,
This error indicates a mismatch between the RADIUS requests sent by the firewall and the policies defined on your Windows 2019 NPS server. Please follow the steps to troubleshoot:
- Verify the USG FLEX 500 is defined as a RADIUS client in NPS by confirming the shared secret matches between client and server, and checking IP address configuration is correct.
- Ensure your NPS policies are configured to accept RADIUS requests from your Zyxel Flex 500.
- Confirm that the user account attempting to connect is a member of the Windows groups specified in the NPS policy's conditions.
- Confirm that the RADIUS attributes sent by the Flex 500 match the attributes expected by the NPS server. Any discrepancies can cause a policy mismatch.
- Verify that the authentication method configured on the Flex 500 for L2TP VPN clients matches the authentication methods allowed by your NPS policies.
0
Zyxel Employee
Categories
- All Categories
- 417 Beta Program
- 2.5K Nebula
- 160 Nebula Ideas
- 108 Nebula Status and Incidents
- 5.9K Security
- 330 USG FLEX H Series
- 286 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 259 Service & License
- 400 News and Release
- 86 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.8K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 80 Security Highlight
