How to configure AD User do the authentication on L2TP scenario

Zyxel_Charlie Posts: 1,034
50 Answers 500 Comments Friend Collector Fourth Anniversary
 Guru Member
edited June 2022 in VPN

Step1. First, build up L2TP VPN configuration as below:




Step2. Set AD domain and Members on the Windows Server 2012, please refer to picture below:




Step3. Add user name and configure Group Identifier: CN=L2TP_VPN_Access,OU=Security Groups,OU=MyCompany,DC=test,DC=local, please refer to setting below:




Please note: After creating the name "L2TP_VPN_Access" on AD server, and you can check it on AD Configuration Validation as shown below:




Step4. Configure L2TP with Allowed User: select the AD user group as below:




Step5. Refer to AD domain and Members on the Windows server 2012, please refer to picture below:


Step6. Add AD with Base DN: dc=test,dc=local, and fill in the Server Authentication with Bind DN: CN=usg.user,OU=Users,OU=MyCompany,DC=test,DC=local and also the Password as below:

Please note: you can check the name "usg.user" which is configured on AD server, using the AD Configuration Validation as below:


After configuring all the above steps, you will be able to build up an L2TP tunnel, pass the AD authentication and gain access to USG/ZyWALL series with Windows AD server 2012 as picture below shows: