L2TP VPN Active Directory authentication do not work
Freshman Member
Hi everyone,
I'm trying to set up an L2TP/IPSec VPN with AD authentication but it does not work because my user is rejected. The appliance is a USG Flex 100 managed by Nebula.
First of all, I add my AD to Nebula
And I configure the VPN server with my AD for authentication
Then I add a test user to my AD users
And finally, here is the log when trying to connect to this VPN
It's really surprising because I'm 200% hundred sure of the username and password.
Am i doing something wrong ? Please also note that the USG Flex is correctly added to my AD in the "Computers" section.
Should I configure something else on my AD ? NPS maybe ? Or should the user be added to a specific group ?
Thanks,
Sebastien
I'm trying to set up an L2TP/IPSec VPN with AD authentication but it does not work because my user is rejected. The appliance is a USG Flex 100 managed by Nebula.
First of all, I add my AD to Nebula
And I configure the VPN server with my AD for authentication
Then I add a test user to my AD users
And finally, here is the log when trying to connect to this VPN
It's really surprising because I'm 200% hundred sure of the username and password.
Am i doing something wrong ? Please also note that the USG Flex is correctly added to my AD in the "Computers" section.
Should I configure something else on my AD ? NPS maybe ? Or should the user be added to a specific group ?
Thanks,
Sebastien
0
All Replies
-
Hello @Sébastien,Please confirm the account could be queried by your firewall. Connect to console port and input"_debug domain-auth test profile-name example.profile.name username example.username password example.password".
Moreover, please provide org/site to me via private message, and enable Zyxel support access, you can find it at Help > Support Request > Zyxel support access, enable zyxel support. I would like to check on your device, thank you.
James0 -
Dear James,
I have tried the command using a SSH connection to the router, and the answer is :% Get AD group VDC has failedretval = -24004ERROR: Display AAA group has failed.
Where VDC is the name of my AD configuration in Nebula.
What does this mean ?
Thanks,
Sébastien0 -
0
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
