IPSec VPN using External (LDAP) Authentication Server

Does LDAP auth work for IPSec connections? I tried a remote account and a local account. The local account works, while the remote account errors with "Authentication Failed" and in the System log it has "CHAP : Authentication Failed for User". The remote account is the same account I use to log in to services on the XG. I know this was not supported previously in UTM9, but since there is an option to configure it now, there is the impression that it should work.

Under Configure -> Authentication -> Services [VPN (IPsec/L2TP/PPTP) Authentication Methods] I have the remote authentication servers selected.  These servers work for access to the User Portal and Administration page.



This thread was automatically locked due to age.
  • Bracey,

    If you have configured the LDAP successfully, your account should be able to authenticate using LDAP. Make sure to adjust the CHAP correctly from the console. Use the command:

    console> show vpn configuration

    and the command: set vpn l2tp authentication xxxx to set the authentication.

    Regards

  • Luk,

    Thanks for the quick response. The part I was missing was the server that handled authentication between the firewall and LDAP. I now have it working (MS-CHAPv2 : Authentication Successful for User ...).

    Bracey