D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: mariachi on May 06, 2011, 06:44:49 AM

Title: pptp authentification from LDAP active directory
Post by: mariachi on May 06, 2011, 06:44:49 AM
Hi

I have a DFL 210, and VPN works over PPTP with a local database, but I want to use my Active Directory to authenticate my users. So I have set up my DFL with an external database and an authentication rule, but it still doesn't work.

http://imageshack.us/photo/my-images/192/externaldatabase.jpg/

and a PPTP rule

http://imageshack.us/photo/my-images/198/autentificationrule.jpg/

Can you help me, please?
Title: Re: pptp authentification from LDAP active directory
Post by: silver_surfer30 on May 09, 2011, 12:20:20 AM
Hi Mariachi, can you please provide the logs of the DFL while authenticating via PPTP?
Title: Re: pptp authentification from LDAP active directory
Post by: mariachi on May 31, 2011, 01:55:59 AM
Date    Severity    Category/ID    Rule    Proto    Src/DstIf    Src/DstIP    Src/DstPort    Event/Action
2011-05-31 10:56:14    Warning    PPTP 2700014    tunnel_idle_timeout    close_tunnel
iface=PPTP_SERVER remotegw=188.188.88.255

2011-05-31 10:56:05    Warning    PPTP 2700026    pptp_no_userauth_rule_found
iface=PPTP_SERVER remotegw=188.188.88.255

2011-05-31 10:56:04    Notice    PPTP 2700019    pptp_tunnel_up
iface=PPTP_SERVER remotegw=188.188.88.255

conn=close origsent=704 termsent=488
Title: Re: pptp authentification from LDAP active directory
Post by: navi on May 31, 2011, 07:50:46 AM
"pptp_no_userauth_rule_found"

Have you selected, in "User Authentication Rules->your_rule->authentication options", which LDAP server the DFL should use?
Title: Re: pptp authentification from LDAP active directory
Post by: silver_surfer30 on June 01, 2011, 01:56:52 AM
It seems that no user authentication rule has been created for the PPTP interface you configured!
Title: Re: pptp authentification from LDAP active directory
Post by: mariachi on August 08, 2011, 01:22:27 AM
Hi

I can't find any way to connect myself.

Here is the log. On my client it says wrong password.

Internal Logging
Date    Severity    Category/ID    Rule    Proto    Src/DstIf    Src/DstIP    Src/DstPort    Event/Action
2011-08-08 10:21:05    Notice    PPTP 2700008    pptp_session_closed
iface=PPTP_SERVER remotegw=188.189.69.133 callid=0

2011-08-08 10:20:57    Notice    PPTP 2700019    pptp_tunnel_up
iface=PPTP_SERVER remotegw=188.189.69.133
Title: Re: pptp authentification from LDAP active directory
Post by: danilovav on August 09, 2011, 10:00:59 AM
Enable LDAP, user auth logging
How about AD side log?
Title: Re: pptp authentification from LDAP active directory
Post by: scrubsguy on August 09, 2011, 10:00:00 PM
But won't you need more than just the user auth logging?
Title: Re: pptp authentification from LDAP active directory
Post by: mariachi on August 10, 2011, 02:07:00 AM
"Enable LDAP, user auth logging
How about AD side log?"

Where should I do that? On the firewall? On the server?

If I go into the Event Viewer, I have nothing related to an authentication connection between the DC and the D-Link DFL.

Should I install IAS on the 2003 server, or RADIUS? Because nothing is installed, just the domain controller and Active Directory.
Title: Re: pptp authentification from LDAP active directory
Post by: scrubsguy on August 11, 2011, 10:48:05 PM
Objects, VPN Objects, LDAP Server? I guess? Where is danilov? He knows the DFLs a lil better than I do, but if you need server assistance gimme a shout!
Title: Re: pptp authentification from LDAP active directory
Post by: mariachi on August 12, 2011, 02:18:51 AM
I don't understand your reply.

Is there a how-to for doing a PPTP VPN with authentication on an LDAP 2003 server?
Title: Re: pptp authentification from LDAP active directory
Post by: danilovav on August 23, 2011, 08:00:04 PM
Refer to the manual - Chapter 8. User Authentication / 8.2. Authentication Setup / 8.2.4. External LDAP Servers
After setting up the LDAP connection, you can use it in the User auth rule instead of the local user database.