For our XG with SSL VPN we are using AD Authentication and MFA. That works but sometimes when setting up new users I am having problems getting them to access our LAN. As if the route to the LAN is not present after connecting with SSL VPN.
Today I was also troubleshooting a user and I believe it is not a route add issue in SSL VPN as I saw the src ip traffic being blocked in the firewall log. I think that the AD Group membership authentication check with AD is having problems.
Users in AD can be a member of many different Groups. The groups and the users have been imported in the past. Now when I add a user to the VPN User group in AD I am suspecting that this change is not picked up by the XG. It starts working for the user when I add him to the VPN user group in the XG.
We want to administer everything in AD and have the XG check that. Is this authentication flawed in XG not synchronized with AD?
Should I purge periodically the AD Groups and users and re-import them? How is this supposed to work in the XG?
Thanks,
Fred