Join AD Domain over IKEv2 VPN

I have a user with a Windows 11 virtual machine running on a Mac computer. Is it possible to join Windows Active Directory once I have the IKEv2 VPN configured and connected on the virtual machine? I have never joined a PC (to AD) over VPN. They're normally joined when the PC is directly connected to the LAN. Btw, I am using an M270 with the 12.10.2 firmware.

Comments

  • james.carson Moderator, WatchGuard Representative

    Hi @morpheus27
    Provided your DNS server that the VPN is using can resolve the domain name (as it will only be resolvable via the AD DNS server) I don't see why it wouldn't work. I've not specifically tried this, but as long as your Allow IKE2VPN_Users policy allows traffic to the DC it would in theory work.

    -James Carson
    WatchGuard Customer Support
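The two conditions named in the reply above (AD DNS resolution over the tunnel, and a VPN policy that allows traffic to the DC) can be checked from the VM before attempting the join. This is an added example, not part of the original thread or WatchGuard documentation; the domain name `corp.example.com`, the function name `Test-DomainJoinPath` and the port list are assumptions.

```powershell
# Constructed placeholder: replace with the real AD DNS domain name.
$Domain = 'corp.example.com'

# Assumption: the usual TCP ports a domain join needs on a DC.
# UDP paths and the dynamic RPC port range are not covered by this check.
$Ports = @{ 53 = 'DNS'; 88 = 'Kerberos'; 135 = 'RPC endpoint mapper'; 389 = 'LDAP'; 445 = 'SMB' }

function Test-DomainJoinPath {
    param([Parameter(Mandatory)][string]$DomainName)

    # Step 1: the DC locator SRV record is only resolvable via the AD DNS server.
    # If this fails, the VPN client is still using a DNS server that does not know the domain.
    $srvName = "_ldap._tcp.dc._msdcs.$DomainName"
    try {
        $srv = Resolve-DnsName -Name $srvName -Type SRV -ErrorAction Stop |
               Where-Object { $_.Type -eq 'SRV' }
    } catch {
        Write-Warning "Cannot resolve $srvName. Check the DNS server assigned to the VPN connection."
        return
    }

    # Step 2: test each advertised DC on each port through the tunnel.
    # A resolvable DC with unreachable ports points at the firewall policy for VPN users.
    foreach ($dc in ($srv.NameTarget | Sort-Object -Unique)) {
        foreach ($port in ($Ports.Keys | Sort-Object)) {
            $result = Test-NetConnection -ComputerName $dc -Port $port -WarningAction SilentlyContinue
            [pscustomobject]@{
                DC        = $dc
                Port      = $port
                Service   = $Ports[$port]
                Reachable = $result.TcpTestSucceeded
            }
        }
    }
}

# Run with the VPN connected; every row should show Reachable = True before joining.
Test-DomainJoinPath -DomainName $Domain | Format-Table -AutoSize
```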

  • edited April 19

    I tried that once years ago, nothing happened when I joined the PC to the domain.

    I just tried joining the AD domain a minute ago. It works fine this time. My next question is, how do I establish a VPN connection before signing in to the domain? Can it somehow be automated so that when Windows boots up, the VPN is already connected?

  • james.carson Moderator, WatchGuard Representative

    Hi @morpheus27

    See the article here:
    (Custom IKEv2 and L2TP VPN profiles for Windows computers)
    https://techsearch.watchguard.com/KB?type=Article&SFDCID=kA10H000000bopASAQ&lang=en_US

    -James Carson
    WatchGuard Customer Support