Flex 100H IPSec Remote Access VPN windows config issue
Freshman Member
Zyxel Community, I need help making VPN configuration adjustments.
The scenario. I have a client using the new USG Flex 100H configured with IPSec Remote Access VPN. On the clients, I am using the Windows VPN utility and it was configured with the provided batch script and security certificate that was downloaded from the router's configuration page. My issue is, this configuration sets the VPN to be per user on the Windows machine instead of All User. This is a change from what was done with the first generation Flex line. As I have a different client that has a Flex 500. I require the VPN to be All User so they can attach to the VPN at the login page - to alleviate Windows credential issues.
As currently, the site with the new H (second generation Flex) log into the VPN after logging into the PC. This makes all the network shares not work as the system tries to talk to the Windows Domain Controller with the VPN Credentials instead of the domain attached PC credentials. So yes, the VPN and Windows credentials are different. For my other client that is on the first generation of Flex devices, they connect to the VPN first. Then log into their workstations and can communicate properly with their Domain infrastructure.
I found a powershell script to convert the VPN connection to All Users and that script is:
Set-VpnConnection -Name "VPNCONNECTIONNAME" -AllUserConnection $True
but it fails stating:
: The system could not find the phone book entry for this connection.
I have noticed the drastic UI change between the first and second generation Flex devices. The new FLEX provides a batch file and the security certificate for configuring the remote VPN into Windows. While the first generation FLEX provided a batch file, then a PowerShellScript, and the security certificate for configuring the remote VPN into Windows. It would be nice if there could be work on making the second generation script generation process more robust similar to the first generation. And to have the option or add it by default to install these connections as ALLUSER VPN connections.
But is there someone that can help me either manually add this VPN in a way to make it ALLUSER instead of PerUser... or with some other solution with your equipment?
Categories
- All Categories
- 439 Beta Program
- 2.8K Nebula
- 191 Nebula Ideas
- 121 Nebula Status and Incidents
- 6.2K Security
- 471 USG FLEX H Series
- 308 Security Ideas
- 1.6K Switch
- 82 Switch Ideas
- 1.3K Wireless
- 44 Wireless Ideas
- 6.8K Consumer Product
- 282 Service & License
- 443 News and Release
- 88 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 93 Security Highlight
