Windows Netwok Policy Server as Radius
Freshman Member
We have a Flex 500 Zyxel firewall and a Windows 2019 Server on the system. The clients are remotely connecting to the network via L2TP VPN. We want to use the Windows Network Policy Server for Radius authentication on the firewall, but no matter what condition we specify in the NPS, in the Connection Request Policy, the error message is always the same:
Reason Code: 49
Reason: The RADIUS request did not match any configured connection request policy (CRP).
0
All Replies
-
Hi @AdminSys ,
This error indicates a mismatch between the RADIUS requests sent by the firewall and the policies defined on your Windows 2019 NPS server. Please follow the steps to troubleshoot:
- Verify the USG FLEX 500 is defined as a RADIUS client in NPS by confirming the shared secret matches between client and server, and checking IP address configuration is correct.
- Ensure your NPS policies are configured to accept RADIUS requests from your Zyxel Flex 500.
- Confirm that the user account attempting to connect is a member of the Windows groups specified in the NPS policy's conditions.
- Confirm that the RADIUS attributes sent by the Flex 500 match the attributes expected by the NPS server. Any discrepancies can cause a policy mismatch.
- Verify that the authentication method configured on the Flex 500 for L2TP VPN clients matches the authentication methods allowed by your NPS policies.
0
Zyxel Employee
Categories
- All Categories
- 430 Beta Program
- 2.6K Nebula
- 163 Nebula Ideas
- 112 Nebula Status and Incidents
- 6K Security
- 354 USG FLEX H Series
- 292 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 261 Service & License
- 407 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 82 Security Highlight
