Authorization on AD group for L2TP does not pass
Zywall 310 / fw 4.35 (AAAB.3)
For L2TP users, a local group (L2TP-VPN-users) in Zywall has been created, where those who are allowed access to VPN (allowed users) are placed.
AD authentication was configured, an ad-users internal user was added to the L2TP-VPN-users group. As a result, all users of the domain and local are authorized and connected.
But as soon as you try to allow authorization only for users belonging to a certain AD group (ext-group-user). Authorization fails ("disallowed user" in logs)
Group authorization is as follows - An AD-VPN user of the ext-group-user type is created. with settings defining the AD group. When testing inside the ext-group user test, the test passes - the status is OK.
The created user (AD-VPN) was added to the VPN allowed group (L2TP-VPN-users), and the ad-users built-in user was removed from the allowed group. After that, authorization through AD does not work.
Accepted Solution
-
After update the newest weekly firmware (V4.35(AAAB.3)ITS-WK13-r92843) problem was solved.
0
All Replies
-
@Niviteka
As your description,
can you check the account on AD is enabled?
Also, can I know do you login to the device GUI successfully via account?
0 -
Account enabled.I can to login to the device GUI successfully via AD account.I can even connect to L2TP if I add the ad-user to the L2TP-VPN-users group, but then all domain users can join VPN.
I need so that only users of the VPN-users group in AD can connect to VPN.
0 -
After update the newest weekly firmware (V4.35(AAAB.3)ITS-WK13-r92843) problem was solved.
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 147 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight