05-04-2012 07:15 AM
I'm currently working on a U200-A for configuring SSL-VPN. I got this working for basic But run into a problem when I want to authenticate the users against AD or Radius.
Radius or AD authentication works fine. However I'm not able to bind a resource group to the users.
Resource groups can be linked to local users but it seems not possible with AD or Radius authentication. Has anyone test SSL-VPN functionality and can help me with this?
Thanks in advance.
02-27-2013 10:16 PM
see attached picture.
the user group you create in active directory shall be exactly matching the user group syntax, which is created in SSL VPN gateway (SecPath appliance) for SSL VPN users because this is a radius vendor (H3C/Huawei; 2011) attribute 140 (SSL-VPN-GROUP) that will be returned by RADIUS once the user authentication succeeds. If not exactly matching, the user may not get his home page, if the authentication succeeds.
Resume: create the user group (security group) in AD make the user member of this security group.