The following article explains, how to authenticate SSL VPN Clients with Microsoft Active Directory
In this scenario, we have a AD server with the configuration as below:
- IP: 192.168.1.35
- Domain name: cso.net
- Domain user: aduser
- Domain administrator: administrator
- Domain administrator's password: admin1234
[Configuration Steps]
Step 1: Create a SSL VPN Connection. You can check the walkthrough in the following article:
How to create an SSL VPN Tunnel (via SecuExtender software)
Step 2: Add a user on the Domain -Controller named "SSL-User"
Step 3: Add a user on the ZyWALL and select the user type as Ext-User
Step 4: On the ZyWALL, click "SSL" from left panel and add the user "SSL-user" to the policy of the SSL Application that you added on step 1.
Step 5: Configure the Auth.Method, add the "group ad" in the default method.
Step 6: Configuring the AAA server from "Object" > "AAA Server" > Active Directory and refer the parameters listed below to complete the settings.
[Paramaters]
Host: 192.168.1.35
Port: 389
Base DN: dc=cso,dc=net
Bind DN: cn=administrator,cn=users,dc=cso,dc=net
Password: admin1234(Domain administrator's password)
Search time limit: 5
CN is also possible with ext-group-user.
Test result:
If you scroll down you can test the AD connection in the option "Configuration Validation"
+++ You can buy licenses for your Zyxel VPN clients (SSL VPN, IPsec) with immediate delivery by 1-click: Zyxel Webstore +++
KB-00143
Comments
0 comments
Please sign in to leave a comment.