Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 38 subscribers
  • Views 1798 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

AD SSL VPN Auth Fail after auth server switch. Download new config fine

taimen chubka

Hi all I’m a bit stumped.

just installed 2x new domain controllers as part of project to get 2012 server out. All gone well and working.

Added new servers to xg firewall tested and working fine.

Set as new default vpn auth providers in settings.

Removed old domain controllers as auth providers.

Vpn doesn’t work. https://100001.onl/

Download new config and it works. Put old servers back and it works.

Can’t see any reference to auth servers in config file .

Am I really going to have to call all 40+ staff and download new ovpn files? This seems ridiculous?



This thread was automatically locked due to age.
Parents
  • 0

    The SSL Configuration is based on the user certificates that are created in the Firewall once a user loggs into the User Portal.

    This certificate contains the server name and ip-address also.

    Therefore, if you wish to use the old config, with the new server, you have to give the new server the old name and ip-address and then it would work.

    Another option is:  you configure IPSec VPN and then you would need only a single configuration file for all of your clients.

    As long as they are in the group that is allowed to connect remotely it will work. You could send them the configuration file via E-Mail/FTP/GPO..

Reply
  • 0

    The SSL Configuration is based on the user certificates that are created in the Firewall once a user loggs into the User Portal.

    This certificate contains the server name and ip-address also.

    Therefore, if you wish to use the old config, with the new server, you have to give the new server the old name and ip-address and then it would work.

    Another option is:  you configure IPSec VPN and then you would need only a single configuration file for all of your clients.

    As long as they are in the group that is allowed to connect remotely it will work. You could send them the configuration file via E-Mail/FTP/GPO..

Children
No Data
Unfiltered HTML