D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: kumig on December 10, 2014, 05:04:03 AM

Title: DFL 210 - VPN USING EXTERNAL DATABASE
Post by: kumig on December 10, 2014, 05:04:03 AM
Hi

I have setup VPN using PPTP on the firewall.
It works with the local user database, but when I try an external user database (LDAP) I get a 691 error from my Windows VPN client.
I have verified that the username and password are correct.
Please can someone assist? I have been struggling with this for some time.

Thanks
Title: Re: DFL 210 - VPN USING EXTERNAL DATABASE
Post by: Rara Avis on December 10, 2014, 11:58:28 AM
LDAP is not designed to be an auth protocol; if you can use RADIUS for your firewall to auth against (even if it is using the same server/database), you will have an easier life. Some people may find this statement controversial, but we will have to agree to disagree.

Regardless of protocol, however, you will need to look at your firewall and server logs; your client errors aren't going to lead you anywhere useful.
Title: Re: DFL 210 - VPN USING EXTERNAL DATABASE
Post by: kumig on December 11, 2014, 02:31:06 AM
Hi Rara

Thanks for the response.

We want to use our Company AD to do the authentication.

I have checked the logs of the firewall and the AD server.

It seems like the firewall is not communicating with the AD server.

I'm trying to attach a screenshot of my firewall's LDAP settings but can't attach it.

My settings:
Port: 389
Attribute Name: sAMAccountName
Base Object: DC=mydomain,DC=com
Administrator Account: CN=Administrator,CN=Users,DC=mydomain,DC=com

Does this seem correct?

Thanks
Title: Re: DFL 210 - VPN USING EXTERNAL DATABASE
Post by: Rara Avis on December 11, 2014, 09:43:46 AM
Sorry Kumig, LDAP isn't my forte; that said, I do believe the admin account field should accept a simple account name.