Why does the remote VPN with AD authentication fail on the USG Flex H model?
Zyxel Employee
Question :
The user may encounter an issue where they can obtain the VPN provisioning file from the firewall using AD authentication, but cannot establish an IKEv2 VPN connection with AD authentication.
Why does the remote VPN with AD authentication fail on the USG Flex H model?
The user can get the VPN provisioning file from the firewall successfully.
However, the IKEv2 VPN connection cannot be established, and the event log will show "generating IKE_AUTH response 4 [EAP/FAIL]" and "RADUIS authentication of ‘AD account’ failed.
Answer :
The possible reason is that the firewall has not been joined to the AD domain. Once the firewall successfully joins the AD domain, the IKEv2 VPN can be established normally.
Join Domain
Join Domain successfully
The VPN connection can be established.
Categories
- All Categories
- 442 Beta Program
- 3K Nebula
- 223 Nebula Ideas
- 129 Nebula Status and Incidents
- 6.6K Security
- 638 USG FLEX H Series
- 357 Security Ideas
- 1.8K Switch
- 86 Switch Ideas
- 1.4K Wireless
- 54 Wireless Ideas
- 7K Consumer Product
- 301 Service & License
- 494 News and Release
- 93 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.8K FAQ
- 34 Documents
- 88 About Community
- 109 Security Highlight