dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1070
share rss forum feed

asgatlat

join:2012-05-10
France

USG 100 AD Auth for L2TP VPN

hi,

actually i connect to office by IPSEC/L2TP VPN through the usg100.
I've created a local user on the USG "L2TP_USER"
so every commercial use this login to connect.

now i want to use AD to let the commercials use their same login/password that they use to login when they are in the office.

I've created the AD link in the AAA config (i've test a user and it works)
But when i edit the Auth method by adding the AD group, i can't connect anymore to the VPN (it stills checking username/password)

i only find tutorial for SSL VPN / AD sync but not for L2TP

i've FW 3.00(AQQ.0)

did i missed something ?

sorry for my English



Brano
I hate Vogons
Premium,MVM
join:2002-06-25
Burlington, ON
kudos:10

First you should upgrade to AQQ.4 ... check release notes why

Did you also changed the Auth. method in L2TP settings?


asgatlat

join:2012-05-10
France

hi Brano,

yes i've checked the auth method in L2TP, it's on defaut, but i've edited the defaut auth method by adding my group_AD

but in L2TP setting for the case "allowed users" i can only choose my local L2TP_User or AD ext user but not the both :/

for the AQQ.4, indeed i should upgrade, i will do the FW upgrade in the next days when nobody is at office


asgatlat

join:2012-05-10
France

works like a charm with AQQ4
Ad users got their rights to acces their own files

but they still to acess serveur by IP, Netbios doesn't work :/

btw next step is to succes to enable having interning while connect to the L2TP VPN ^^



Brano
I hate Vogons
Premium,MVM
join:2002-06-25
Burlington, ON
kudos:10
Reviews:
·TekSavvy DSL
·Bell Fibe

Whether you going to have local internet access while connected to VPN depends if your VPN client supports split tunnelling.
Windows client does support it, but Android (in my experience) does not support split tunnelling and will route everything through VPN.


asgatlat

join:2012-05-10
France

so i only have to config the VPN connection on client ? (i use Windows 7 pro and no third software to connect to VPN)


asgatlat

join:2012-05-10
France

i've tried to split vpn connection in the windows 7 vpn propriety :

»lh3.ggpht.com/-j-qcry4lp_E/Tl1m9···vpn4.gif

internet work while i'm on VPN but i can't access to server :/



Brano
I hate Vogons
Premium,MVM
join:2002-06-25
Burlington, ON
kudos:10

By "i can't access to server" you mean what server? On work LAN? VPN LAN? Internet?


asgatlat

join:2012-05-10
France

i mean VPN LAN