VPN with mixed authentication?


we've set up an Mobile VPN with IKEv2 for our user's remote access, they're are authenticated against RADIUS server (NPS). It works fine. Now we also want to grant limited access for external service partners to support their systems. Because I don't want to waste Windows Server CALs for them, my idea was to define local Firebox users instead. If I only activate Firebox-DB authentication in VPN configuration then it works. But if I activate both Firebox-DB and RADIUS authentication, then Firebox users are always tried to authenticate against RADIUS. What I am doing wrong?



  • Options

    1) for Firebox-DB users, try entering the user ID following Firebox-DB.
    example: Firebox-DB\j_smith
    This works for SSLVPN users. Perhaps it also works for IKEv2.

    2) Use a different VPN type, such as SSLVPN for the external service partners.

  • Options

    Option 1 works. So easy.

    I'll think option 2 over, nevertheless.

    Thank you!

Sign In to comment.