This article quickly shows how to configure IKEv2 with MS-CHAPv2 on our USG and Zywall devices.
1. The USG1100 must join an AD domain.
In the following example, domain name is usg.com.
2. Go to CONFIGURATION > System > DNS > Address/PTR Record and add a PTR record.
In this example, the IP of AD server is 10.214.48.71.
3. Navigate to AAA Server > Active Directory > AD object.
Configure Domain Authentication for MSChap.
Configure Domain Authentication for MSChap.
The user in this field should have “domain admin” privilege on your AD server.
>>> IKEv2 is established with AD account successfully.
KB-00259
Comments
0 commentsPlease sign in to leave a comment.