AD Auth with built-in Windows L2TP client
When configuring a USG60 with Active Directory authentication, I can auth using "username" successfully. When configuring the built-in Windows10 L2TP/IPSec client to connect using windows credentials, it is sending "DOMAIN\User" and fails to authenticate. In addition, in the AAA tab in Zyxel, if I test "DOMAIN\User" it fails.
I spoke with tech support and they say that the DOMAIN\User is not supported, which is unfortunate as this would be a great solution for us.
I have good trust in ZYXEL tech, but does anyone know a workaround for this?
All Replies
-
Hi @TAPTech
Here is the example setting to login with domain\name
After build up L2TP tunnel and setup AD server, go to Configuration > Object > AAA Server > Active Directory > click Add
Add Domain Authentication for MSChap
Add Domain Zone
Go to Configuration > System > DNS > DNS > Domain Zone Forwarder add AD server into it
Add Domain name
Go to Configuration > System > Host Name > Host Name
Then check the status on AD server to see if USG has been joined the domain.
Here is the related settings on Windows adapter
The tunnel is using pre-shared key, authentication select( MS-CHAP v2)
Go to Configuration > VPN > L2TP VPN > L2TP VPN > Allowed User set to any
Test result :
Engage in the Community, become an MVP, and win exclusive prizes!
0 -
That works! Thank you. I did put a call into tech support and they did not know about this- perhaps you can update the internal documentation? I am US based.
0 -
I've followed the description above and it works perfect for my phone but, when I try to connect from windows 10 I getwhile my phone does as below:I came by a post in the knowledgebase suggesting setting radius server to 127.0.0.1 port 1812 and key 1. Unfortunately this does not help.Any suggestions much appreciated.
0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 218 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 245 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3.1K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight