SSL VPN and AD-users

Hello

I would like to change our VPN from locally authenticated users to Active Directory users.
The problem is, it's not working.

I have done the following things: 
- created a new OU in the AD with the VPN users (not the same as for the AD-Auth)
- created a new group which includes the new users in the new vpn-ou.
- added a new dynamic membership group in the UTM which points to the new group in the AD
- the new group in the UTM added to the VPN-allowed user

problem:
2015:02:24-12:45:28 utm-1 aua[25153]: id="3006" severity="info" sys="System" sub="auth" name="Trying xx.xx.xx.xx (adirectory)"

2015:02:24-12:45:29 utm-1 aua[25153]: id="3005" severity="warn" sys="System" sub="auth" name="Authentication failed" srcip="xx.xx.xx.xx" host="" user="new_vpnusername" caller="portal" reason="DENIED"


When I create a new user in the UTM and add remote auth, then it's working. But I would like to sync this with the AD, so I only have to download and deploy the VPN config for the user.

UTM:
ASG-425 HA Pair
Firmware version: 9.308-16

Does anyone have a good idea?
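
For triaging log excerpts like the one quoted in the post, here is an added example (not part of the original post and not Sophos code) that parses aua lines and lists each "Authentication failed" event together with the backends named in earlier "Trying ..." lines. It assumes lines sharing an aua process id belong to the same attempt; the sample log is constructed from the two lines in the post plus one made-up line.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the aua lines quoted in the post
# (addresses masked as on the page; the third line and "other_user" are made up).
SAMPLE_LOG = '''\
2015:02:24-12:45:28 utm-1 aua[25153]: id="3006" severity="info" sys="System" sub="auth" name="Trying xx.xx.xx.xx (adirectory)"
2015:02:24-12:45:29 utm-1 aua[25153]: id="3005" severity="warn" sys="System" sub="auth" name="Authentication failed" srcip="xx.xx.xx.xx" host="" user="new_vpnusername" caller="portal" reason="DENIED"
2015:02:24-12:46:02 utm-1 aua[25160]: id="3005" severity="warn" sys="System" sub="auth" name="Authentication failed" srcip="xx.xx.xx.xx" host="" user="other_user" caller="portal" reason="DENIED"
'''

LINE_RE = re.compile(r'^(?P<ts>\S+) (?P<host>\S+) aua\[(?P<pid>\d+)\]: (?P<kv>.*)$')
KV_RE = re.compile(r'(\w+)="([^"]*)"')
TRYING_RE = re.compile(r'^Trying (?P<server>\S+) \((?P<backend>\w+)\)$')

def parse_aua(text):
    """Yield one dict per aua line: timestamp, pid and all key="value" fields."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            rec = dict(KV_RE.findall(m.group('kv')))
            rec.update(ts=m.group('ts'), pid=m.group('pid'))
            yield rec

def failed_logins(text):
    """Return failures, each with the backends tried earlier by the same aua pid."""
    tried = defaultdict(list)  # pid -> backends seen in "Trying ..." lines
    failures = []
    for rec in parse_aua(text):
        t = TRYING_RE.match(rec.get('name', ''))
        if t:
            tried[rec['pid']].append(t.group('backend'))
        elif rec.get('name') == 'Authentication failed':
            # Assumption: same pid means same authentication attempt.
            failures.append({
                'ts': rec['ts'], 'user': rec.get('user'),
                'caller': rec.get('caller'), 'reason': rec.get('reason'),
                'backends': tried.pop(rec['pid'], []),
            })
    return failures

if __name__ == '__main__':
    for failure in failed_logins(SAMPLE_LOG):
        print(failure)
```

An empty `backends` list only means no "Trying ..." line with that pid appears in the excerpt that was parsed.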


This thread was automatically locked due to age.