VPN authentication via Active Directory
I am looking to set up Active Directory as the authentication server for my VPN users. I have a T15, is this possible?
0
Sign In to comment.
I am looking to set up Active Directory as the authentication server for my VPN users. I have a T15, is this possible?
Comments
unhelpful post removed
I think the question was about mobilevpn mobile VPN authentication?
SSO is more how internal users authenticate to Firebox to get access to out to internet…
@NavyAdmon What mobilevpn are you using sslvpn or IKEv2?
SSLVPN AD auth.
“If you use Active Directory as your authentication server, the users must belong to an Active Directory security group with the same name as the group name you configure for Mobile VPN with SSL.”
Default is group name is: “SSLVPN-Users”
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/authentication/active_directory_about_c.html
WatchGuard LDAP compatibility with updated Windows security options in March 2020:
https://watchguard.force.com/customers/wgknowledgebase?type=Article&SFDCID=kA10H000000g5UlSAI&lang=en_US
With IKEv2 vpn and AD auth. you need to use Radius:
https://watchguardsupport.secure.force.com/publicKB?type=KBArticle&SFDCID=kA22A000000XZlhSAG&lang=en_US
also nowadays it’s almost mandatory to use some kind of MFA with mobilevpn’s…
check https://www.watchguard.com/wgrd-products/authpoint-multi-factor-authentication
Kimmo, thanks.