Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[mariachi]

Hi


I have a dfl 210 and vpn works in pptp with a local database.but i want to use my active directory to authentifiate my user. then i  have setup my dfl

with external database et authentication rule but it still doesn' t work

http://imageshack.us/photo/my-images/192/externaldatabase.jpg/

an pptp rule

http://imageshack.us/photo/my-images/198/autentificationrule.jpg/

can you help me please

[silver_surfer30]

Hi Mariachi, can you please provide logs of DFL while authenticated via PPTP ?

[mariachi]

Date    Severity    Category/ID    Rule    Proto    Src/DstIf    Src/DstIP    Src/DstPort    Event/Action
2011-05-31
10:56:14    Warning    PPTP
2700014          
   
   
   tunnel_idle_timeout
close_tunnel
iface=PPTP_SERVER remotegw=188.188.88.255
2011-05-31
10:56:05    Warning    PPTP
2700026          
   
   
   pptp_no_userauth_rule_found
iface=PPTP_SERVER remotegw=188.188.88.255
2011-05-31
10:56:04    Notice    PPTP
2700019          
   
   
   pptp_tunnel_up
iface=PPTP_SERVER remotegw=188.188.88.255

conn=close origsent=704 termsent=488

[navi]

"pptp_no_userauth_rule_found"

Have You selected in "User Authentication Rules->your_rule->authentication options" which LDAP server dfl should use ?

[silver_surfer30]

Seems that no user authentication rule have been created for the pptp interface you configured !!!

[mariachi]

hi


i don't find any way to connect my self

here is the log. on my client it says wrong password

 Internal Logging        
Date    Severity    Category/ID    Rule    Proto    Src/DstIf    Src/DstIP    Src/DstPort    Event/Action
2011-08-08          10:21:05    Notice           PPTP            2700008       pptp_session_closed
iface=PPTP_SERVER remotegw=188.189.69.133 callid=0

2011-08-08           10:20:57    Notice    PPTP  2700019                         pptp_tunnel_up
iface=PPTP_SERVER remotegw=188.189.69.133

[danilovav]

Enable LDAP, user auth logging
How about AD side log?

[scrubsguy]

but won't you need more than just the user auth logging?

[mariachi]

Enable LDAP, user auth logging
How about AD side log?

where should i do that ? on firewall ? on the server ?

if i go in the event viewer i have nothing related authentification connection between DC and Dlink dfl

should i install IAS on the 2003 server ou radius ?? because nothing is installed. juste domain controller and active directory

[scrubsguy]

objects , vpn objects, LDAP Server ? i guess? where is danilov? he now the DFL's a lil better thatn i do, but if you need server assistance gimme a shout!

[mariachi]

i don't understand your reply.

Does it exist a How to ? to dos a Vpn PPTP ? with authentification on ldap 2003 server

[danilovav]

Refer to manual - Chapter 8. User Authentication / 8.2. Authentication Setup / 8.2.4. External LDAP Servers
After setting LDAP connection, you can use it in User auth rule instead of local user database