L2TP VPN Active Directory authentication does not work
Hi everyone,
I'm trying to set up an L2TP/IPSec VPN with AD authentication but it does not work because my user is rejected. The appliance is a USG Flex 100 managed by Nebula.
First of all, I add my AD to Nebula

And I configure the VPN server with my AD for authentication

Then I add a test user to my AD users

And finally, here is the log when trying to connect to this VPN

It's really surprising because I'm 200% sure of the username and password.
Am I doing something wrong? Please also note that the USG Flex is correctly added to my AD in the "Computers" section.
Should I configure something else on my AD? NPS maybe? Or should the user be added to a specific group?
Thanks,
Sebastien
All Replies
Hello @Sébastien,
Please confirm the account could be queried by your firewall. Connect to console port and input "_debug domain-auth test profile-name example.profile.name username example.username password example.password".
Moreover, please provide org/site to me via private message, and enable Zyxel support access, you can find it at Help > Support Request > Zyxel support access, enable zyxel support. I would like to check on your device, thank you.
James
Dear James,
I have tried the command using an SSH connection to the router, and the answer is:
% Get AD group VDC has failed
retval = -24004
ERROR: Display AAA group has failed.
Where VDC is the name of my AD configuration in Nebula.
What does this mean ?
Thanks,
Sébastien