Good morning,
I'm relatively new when it comes to XG firewalls and have a simple question.
We currently have AD setup to sync to our firewall for IPSEC VPN authentication. Recently, a user had their name changed, to which we updated in active directory. It's been about a week and the change hasn't been reflected on the firewall. I can see the old username, and the user can authenticate just fine, so getting connected currently isn't critical, but I'm more curious why changing a name in AD doesn't sync with the firewall? Or, is there a way to manually force a sync with the AD?
I've ran through the AD import wizard which imports the groups from AD to the XG, but that didn't seem to do anything either.
Which leads me to a much larger question. Currently, when a new user is created in AD, that new user syncs over to the XG with no issue, but we have to manually grant VPN access to the user. With our previous firewall, we had an IPSEC VPN security group in AD which synced over to the firewall. If the user was a member of that group, they were granted access to connect. Is there a method to accomplish the same thing? Ideally, I'd like to just have the same security group handle VPN access on the XG, but all my tests fail. The group is present in the XG, but new users added to the group in AD fail to show in the XG group membership.
I hope all this makes sense. THanks for anyone who may help.
This thread was automatically locked due to age.
