No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

USG6000 configure l2tp over ipsec and authenticate at AD server

Publication Date:  2017-10-27 Views:  536 Downloads:  0
Issue Description

USG6000 configure l2tp over ipsec and authenticate at AD server,can't login l2tp over ipsec.

Handling Process

1.       Detect AD server on firewall, it can connect with AD server successfully.

2.       Debugging ad pakcet, it shows error code 24 as follows.



3.       Checked interface virtual-template configuration, it configured CHAP authentication mode. For L2TP over IPSec authentication with AD server, it can’t support CHAP authentication mode.


Root Cause

For L2TP over IPSec authentication with AD server, it can’t support CHAP authentication mode. But interface virtual-template configured wrongly as CHAP authentication mode.

Solution

1.      Changed configuration at interface virtual-template to PAP authentication mode only.


2.       Tested to login L2TP over IPSec, it is successfully.


END