Herman
Participant

VPN rules for domain (AD) machine

Hello community,

I will be glad to help, there are the following rules for RA VPN (rule 34):

original_image.png

It is necessary that computers in the domain match rule 34.1, but this does not always happen; connections match on 34.2 and skip 34.1. Why is this happening?

Thank you in advance.

0 Kudos
3 Replies
Albin
Contributor

Verify that the users are found in the VPN_AD_Machines group. Otherwise you need to fix that.

Are you using the same AU object for both access roles? The access roles are AU-dependent, meaning you should use the AU object in your access role which is the same one that authenticates the user on the GW object; otherwise the GW can't do lookups toward the AU.

0 Kudos
Herman
Participant

I'm sorry, but what do you mean by "AU"? Is it a typo and you have in mind "Organization unit"?

0 Kudos
Albin
Contributor

Account unit, the LDAP object which is used to query user/group memberships.

0 Kudos