L2TP VPN problem when changing access by Active Directory

alexpe

I have a USG 100 in the latest firmware version.

I have created a L2TP VPN with a local user and it works without problem. I have decided that users use the VPN with their company Active Directory user. For this I have done the following:

- AAA Server I have added my active directory and the test gives me ok.

- I have created a Security Group in the domain with the users.

- I have created the access in the User / group and when doing the test it gives me ok.

- I have changed the authentication method and put the AD first.

But now when connecting to the VPN it gives me the following error from the attached image.

What could be the problem? The error also happens to me with a local user.

Jeremylin

Can you translate the error message in English?
Just curious that before configure the AD, the local user with L2TP is working, but after set the AD, the local user with l2tp is not processing?
What Firmware did you use? Official just released the wk48
https://businessforum.zyxel.com/discussion/4247/zywall-usg-series-v3-30p9-wk48-firmware-released#latest

alexpe

This is the message:

The L2TP connection attempt failed because the security level encountered a process error during initial negotiations with the remote computer.

Yes, it gives me the same error with the local user of the router and before it worked.

My USG110 has the latest firmware version.

Zyxel_Charlie

@alexpe
Regarding this case,
can you screenshot the Authentication method page for check further? I would like to know the issue that even authenticated the local account failed.
Go to Auth.Method>Select profile


Also, can the authenticated account login from USG's GUI?
Can I confirm what is your device USG100 or USG110?