Windows Netwok Policy Server as Radius
Freshman Member
We have a Flex 500 Zyxel firewall and a Windows 2019 Server on the system. The clients are remotely connecting to the network via L2TP VPN. We want to use the Windows Network Policy Server for Radius authentication on the firewall, but no matter what condition we specify in the NPS, in the Connection Request Policy, the error message is always the same:
Reason Code: 49
Reason: The RADIUS request did not match any configured connection request policy (CRP).
0
All Replies
-
Hi @AdminSys ,
This error indicates a mismatch between the RADIUS requests sent by the firewall and the policies defined on your Windows 2019 NPS server. Please follow the steps to troubleshoot:
- Verify the USG FLEX 500 is defined as a RADIUS client in NPS by confirming the shared secret matches between client and server, and checking IP address configuration is correct.
- Ensure your NPS policies are configured to accept RADIUS requests from your Zyxel Flex 500.
- Confirm that the user account attempting to connect is a member of the Windows groups specified in the NPS policy's conditions.
- Confirm that the RADIUS attributes sent by the Flex 500 match the attributes expected by the NPS server. Any discrepancies can cause a policy mismatch.
- Verify that the authentication method configured on the Flex 500 for L2TP VPN clients matches the authentication methods allowed by your NPS policies.
0
Zyxel Employee
Categories
- All Categories
- 431 Beta Program
- 2.6K Nebula
- 166 Nebula Ideas
- 112 Nebula Status and Incidents
- 6K Security
- 366 USG FLEX H Series
- 293 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.7K Consumer Product
- 264 Service & License
- 408 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 83 Security Highlight
