Why does the remote VPN with AD authentication fail on the USG Flex H model?
Zyxel Employee
Question :
The user may encounter an issue where they can obtain the VPN provisioning file from the firewall using AD authentication, but cannot establish an IKEv2 VPN connection with AD authentication.
Why does the remote VPN with AD authentication fail on the USG Flex H model?
The user can get the VPN provisioning file from the firewall successfully.
However, the IKEv2 VPN connection cannot be established, and the event log will show "generating IKE_AUTH response 4 [EAP/FAIL]" and "RADUIS authentication of ‘AD account’ failed.
Answer :
The possible reason is that the firewall has not been joined to the AD domain. Once the firewall successfully joins the AD domain, the IKEv2 VPN can be established normally.
Join Domain
Join Domain successfully
The VPN connection can be established.
Categories
- All Categories
- 435 Beta Program
- 2.7K Nebula
- 183 Nebula Ideas
- 120 Nebula Status and Incidents
- 6.2K Security
- 438 USG FLEX H Series
- 299 Security Ideas
- 1.6K Switch
- 80 Switch Ideas
- 1.2K Wireless
- 44 Wireless Ideas
- 6.7K Consumer Product
- 276 Service & License
- 433 News and Release
- 88 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 84 About Community
- 91 Security Highlight