General question about AD sync with XG

In my environment i have enabled SSL VPN on my XG. Authentication is through AD. I have an AD security group which synchronises with XG. I add AD members to this group and SSL VPN access is granted to the users of this AD security group.

I have some AD users who have time restrictions for logging into the network (setup in AD). When i add a memeber to the AD security group, it takes a day for the AD members to be granted access to the VPN. Eg , I add a AD user at 10 am today to the AD security group to access the VPN. The AD user is able to downloads the SSL VPN Client configuration file from the XG User portal. However when connecting through the SSL client the user gets the error Access Time Policy violation. When the user tries to login the next day same time, then the user is able to connect using the SSL Client. Is there a way on XG where when i add/remove a user in AD, it synchronises with XG instantly.

The DC's are communicating with XG using plaintext. Is that a problem

Version: 17.5 MR

Edited TAGs
[edited by: emmosophos at 12:32 AM (GMT -7) on 5 May 2021]

Top Replies

  • Hi ,

    Thanks for reaching out to the Community! 

    I would advise you to put the access_server process in debugging, replicate the issue and provide access_server logs in debugging. 

    Follow this KB…

Parents Reply Children
No Data