- CheckMates
- :
- Products
- :
- Quantum
- :
- Remote Access VPN
- :
- VPN Identity Awareness
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
VPN Identity Awareness
Hi all,
I'm trying to setup VPN for a remote site utilizing Identity Awareness. The remote site doesn't have any local domain controllers, but it is connected via site2site tunnel with another site that has the domain controllers.
When trying to connect via the End Point client the status hangs at 47% and then fails.
Here is the gateway's AD Query Status
Can anyone assist?
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What version of gateway(s) involved here?
What version/flavor of VPN client?
Does the client encryption domain include the AD servers on the remote site?
Can the same client connect to other gateways ok?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What version of gateway(s) involved here? Both gateways are on R77.30
What version/flavor of VPN client?
Does the client encryption domain include the AD servers on the remote site? So the AD servers sit on a 10.1.1.x/24 network. That network is defined in the encryption domain of the other gateway but not the encryption domain of the gateway I'm trying to connect to. Do I need to add that network to the encryption domain of the gateway I am connecting to?
Can the same client connect to other gateways ok? Yes, I can connect to other gateways with the same client.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
That said, I think both gateways need to be part of the same RemoteAccess community.
Is that the case here or not?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The gateway that I am connecting to does not have the AD server network in its encryption domain, and both gateways are part of the same RemoteAccess Community.