nested user group not working for l2tp authentication
Options
Hello
IMHO nested user groups do not work for L2TP authentication. Let me explain:
Say I have 4 users:
- l2tpUserHome1
- l2tpUserHome2
- l2tpUserWork1
- l2tpUserWork2
- l2tpGroupHome containing users l2tpUserHome1, l2tpUserHome2
- l2tpGroupWork containing users: l2tpUserWork1, l2tpUserWork2
- l2tpGroupAllowed containing the groups l2tpGroupHome, l2tpGroupWork
If I set Configuration > VPN > L2TP VPN > "Allowed User:" to "l2tpGroupAllowed" the L2TP Authentication fails with an error message (for chronological order read from bottom to top):
Although I got before the following success message:
Dynamic Tunnel [XXXX:YYYY:0x124567a] built successfully
(same color = same text)
If I configure e.g. "l2tpGroupHome" or "l2tpGroupWork" for "Allowed User" in the L2TP VPN configuration the "authentication" works (vpn tunnel is established).As soon as I switch back to "l2tpGroupAllowed" there is no tunnel established. I doesn't matter which user I user - none work.
We need those groups to block e.g. l2tp user from "l2tpGroupHome" to access LAN1 interface or a special IP-range.
Any idea what the problem is?
The firewall is a USG210 with V4.39(AAPI.0)
As client I use the built-in Windows 10 L2TP vpn client.
As client I use the built-in Windows 10 L2TP vpn client.
0
All Replies
-
SiSZyComm
I cannot reproduce this behavior.
I have the same user group settings.
And create L2TP VPN configure via Quick Setup and then change the Allowed User to l2tpGroupAllowed
The result is a sccuess
Could you upgrade to the latest firmware version V4.73 and try again? thanks.
James0
Categories
- All Categories
- 384 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 80 Nebula Status and Incidents
- 5.1K Security
- 76 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 209 Service & License
- 335 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 897 Nebula FAQ
- 415 Security FAQ
- 233 Switch FAQ
- 205 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 62 Security Highlight