Windows server AD trough IPSec VPN
All Replies
-
Hi @Aballo,
I assume you just need the client to login AD domain, not the firewall needs to join your AD and authentication. Below is the solution based on what I assume.
Main concept:
Your client need to know what IP is you domain.
You can set your AD DNS server IP as DNS server for your clients. Or set a domain zone forwarder so the clients can resolve the domain and connect to your AD. Below is the example for domain zone forwarder.
Since your firewalls are connected by VPN, the firewall will route the traffic to AD via VPN tunnel and your client can reach the AD.
Zyxel Melen0 -
Hello,
Many thank's for your answers.
The domain controller is behind on USG (main site) and all users on this side can already logon.
The other side (the "agency") is new.
I thought IPSec allowed these ports (53, 88, 389, and 445) by default…
Regards
L.
0
Categories
- All Categories
- 434 Beta Program
- 2.7K Nebula
- 174 Nebula Ideas
- 117 Nebula Status and Incidents
- 6.1K Security
- 418 USG FLEX H Series
- 297 Security Ideas
- 1.6K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 43 Wireless Ideas
- 6.7K Consumer Product
- 270 Service & License
- 416 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.1K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 87 Security Highlight