How to configure AD User do the authentication on L2TP scenario

Zyxel_Charlie
Zyxel_Charlie Posts: 1,034
50 Answers 500 Comments Friend Collector Fourth Anniversary
 Guru Member
edited June 2022 in VPN

Step1. First, build up L2TP VPN configuration as below:

 

 

 

Step2. Set AD domain and Members on the Windows Server 2012, please refer to picture below:

 

 

 

Step3. Add user name and configure Group Identifier: CN=L2TP_VPN_Access,OU=Security Groups,OU=MyCompany,DC=test,DC=local, please refer to setting below:

 

 

 

Please note: After creating the name "L2TP_VPN_Access" on AD server, and you can check it on AD Configuration Validation as shown below:

 

 

 

Step4. Configure L2TP with Allowed User: select the AD user group as below:

 

 

 

Step5. Refer to AD domain and Members on the Windows server 2012, please refer to picture below:

 
 
 
 

Step6. Add AD with Base DN: dc=test,dc=local, and fill in the Server Authentication with Bind DN: CN=usg.user,OU=Users,OU=MyCompany,DC=test,DC=local and also the Password as below:

 
 
 
 
Please note: you can check the name "usg.user" which is configured on AD server, using the AD Configuration Validation as below:

Verification

After configuring all the above steps, you will be able to build up an L2TP tunnel, pass the AD authentication and gain access to USG/ZyWALL series with Windows AD server 2012 as picture below shows: