How to setup Remote VPN access using Windows Radius Server and Unifi USG/Controller

Similar documents
Client VPN OS Configuration. Android

How to use VPN L2TP over IPsec

How to Setup PureVPN Manually on Windows 7 (L2TP)?

UK TV ACCESS SET UP GUIDE

RADIUS Authentication and Authorization Technical Note

Setting up L2TP Over IPSec Server for remote access to LAN

Configuring the Cisco VPN 3000 Concentrator with MS RADIUS

Configuration Guide SuperStack 3 Firewall L2TP/IPSec VPN Client

Configure Point to Point Tunneling Protocol (PPTP) Server on RV016, RV042, RV042G and RV082 VPN Routers for Windows

Creating a Unifi Lab Network on your existing network

INF204x Module 1, Lab 3 - Configure Windows 10 VPN

802.1x Radius Setup Guide Working AirLive AP with Win X Radius Server

HTG XROADS NETWORKS. Network Appliance How To Guide: PPTP Client. How To Guide

Configuring 802.1X Settings on the WAP351

Internet Access: Wireless WVU.Encrypted Network Connecting a Windows 7 Device

QNAP VPN (Virtual Private Network) Secure network experience

Connecting to the NJITSecure wireless network.

WIALAN Technologies, Inc. Unit Configuration Thursday, March 24, 2005 Version 1.1

MWA Deployment Guide. VPN Termination from Smartphone to Cisco ISR G2 Router

Identity Firewall. About the Identity Firewall

Setup L2TP/IPsec VPN Server on SoftEther VPN Server

V7610 TELSTRA BUSINESS GATEWAY

For my installation, I created a VMware virtual machine with 128 MB of ram and a.1 GB hard drive (102 MB).

- PIX Advanced IPSEC Lab -

How to Configure a Client-to-Site L2TP/IPsec VPN

Building Block Installation - Admins

Step-by-Step Setup Guide Wireless File Transmitter

G806+H3C WSR realize VPN networking

SET UP VPN FOR WINDOWS 10

Ericom PowerTerm WebConnect

HOW TO SETUP CFS POLICIES WITH LDAP AND SSO TO RESTRICT INTERNET ACCESS ON CFS 3.0

On the left hand side of the screen, click on Setup Wizard and go through the Wizard.

Configuring Microsoft Outlook to Connect to Hosted Exchange Service

Wireless LAN Controller Web Authentication Configuration Example

Zebra Setup Utility, Zebra Mobile Printer, NPS, Symbol / Motorola Access point, PEAP and WPA-PEAP

Wireless Setup Instructions

MCSA Guide to Networking with Windows Server 2016, Exam

How to make a Work Profile for Windows 10

KE2 SmartGate. VPN Configuration. Q.5.25 June (pn 20695)

Zebra Setup Utility, Zebra Mobile Printer, Microsoft NPS, Cisco Controller, PEAP and WPA-PEAP

Content 1 OVERVIEW HARDWARE DESCRIPTION HARDWARE INSTALLATION PC CONFIGURATION GUIDE... 5 WEB-BASED MANAGEMENT GUIDE...

Zebra Setup Utility, Zebra Mobile Printer, IAS, Symbol / Motorola Access point, PEAP and WPA-PEAP

How to set up your wireless network

Network Configuration

Configuration Guide. How to connect to an IPSec VPN using an iphone in ios. Overview

Add a Wireless Network to an Existing Wired Network using a Wireless Access Point (WAP)

Configuring the network clients

Connecting the DI-804V Broadband Router to your network

How to set up an Amazon Work Profile for Windows 8

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the SonicWall Firewall.

Secure Access Configuration Guide For Wireless Clients

Configure Per-User Dynamic Access Control Lists in ISE

Directions for Setting up Remote Desktop Connection for PC:

USG/ZyWALL ZLD

Microsoft Remote Desktop Installation and Setup for Analysis VMs

Table of Contents A. Set up VPN Client...2. B. Connect to CUHK VPN C. Disconnect from CUHK VPN... 13

Setting Up Windows 2K VPN Connection Through The Symantec Raptor Firewall Firewall

Zebra Setup Utility, Zebra Mobile Printer, Microsoft IAS, Cisco Access Point, PEAP and WPA-PEAP

Cisco Secure ACS for Windows v3.2 With PEAP MS CHAPv2 Machine Authentication

How to: Set up TTUnet VPN in Mac OS X Leopard (10.5)

SonicOS Enhanced Release Notes

VPN2S. Handbook VPN VPN2S. Default Login Details. Firmware V1.12(ABLN.0)b9 Edition 1, 5/ LAN Port IP Address

Securewireless Windows 7 Setup Guide

Integration Guide. LoginTC

Writing Alternative Text for the ITSM Knowledge Base

Using the Vita Group Citrix Portal

FPS BYOD Wireless Network

How to Setup PureVPN on Synology NAS

NFusion Wireless Network Step-by-Step Configuration

Implementation Guide for protecting. CheckPoint Firewall-1 / VPN-1. with. BlackShield ID

EnGenius Quick Start Guide

Chapter 8. User Authentication

Configuring User VPN For Azure

DFL-210, DFL-800, DFL-1600 How to setup IPSec VPN connection with DI-80xHV

To Activate your Wireless Account

Zebra Setup Utility, Zebra Mobile Printer, Microsoft NPS, Cisco Access Point, PEAP and WPA-PEAP

Self Help Guide. APPLIES TO: F1PI241EGau

Click on Close button to close Network Connection Details. You are back to the Local Area Connection Status window.

Use Shrew Soft VPN Client to Connect with IPSec VPN Server on RV130 and RV130W

BASICS OF PORT FORWARDING ON A ROUTER

RED IM Integration with Bomgar Privileged Access

Wireless 300N 3G quick install

Please note, instructions in this guide are based on a PC running Windows 7. Please adapt the actions to suit your operating system.

Basic Setup of Netgear VPN Firewall

SonicWALL strongly recommends you follow these steps before installing Global VPN Client (GVC) 4.0.0:

Configuring 802.1X Authentication Client for Windows 8

Netis WF-2411 Quick Configuration Guide NTC November TCS Webinar 1

How to use OpenVPN Server/Client on

Expected Outcomes Able to design the network security for the entire network Able to develop and suggest the security plan and policy

HPE IMC UAM LDAP Authentication Configuration Examples

IHSVPN IHS Secure Network Access

Common Issue Fix: My internet doesn t work

Using a VPN with Niagara Systems. v0.3 6, July 2013

NetMotion Integration with GreenRADIUS - Quick Start Guide

How to Configure the RSA Authentication Manager

Checkpoint VPN-1 NG/FP3

MSC-5100 Promotional Bundle Quickstart

Teacher Step 1: How to create a Google Classroom

Using the EN-2000 s Management System

Windows 8.1 and Windows 10 a) Connect to wireless network Click on the wireless icon in taskbar. Select detnsw and click on Connect.

Transcription:

How to setup Remote VPN access using Windows Radius Server and Unifi USG/Controller Prerequisites: Windows Server 2012 or newer Domain Controller Services running Unifi USG (Pro, XG or 3P) Administrative Access to Windows Domain Installing Network Policy Server/RADIUS on Server 1. Login to the Windows Server you would like to function as the RADIUS authentication server. 2. Open Server Manager > Manage > Add Roles and Features Select to install the Network Policy and Access Services b. c. Click next and complete the install. Ensure to install the Management tools as well 3. In Server Manager go to Tools > Network Policy Server 4. Right click NPS (Local) and ensure the server is Registered to Active Directory and the Service is started

Creating a Security Group for VPN Domain Users 1. Navigate to your Active Directory User and Computers Tool 2. Create a new Security group with a friendly name (VPN Remote Users) 3. Add the Users to this group that you want to have access to the VPN connection Adding the RADIUS connection to the USG Router 1. Right click RADIUS Clients and select New 2. Fill in a Friendly name for the connection (USGRouter) 3. Fill in the LAN IP Address of the USG Router (in this case, 192.168.0.1) 4. Create a manual shared secret of less than 64 characters. I used a generated secret and got an error on the controller as the key was too long. I ve stuck with a 24 character key now and it seems to take it. Not currently sure of the max characters it likes. 5. Save this Shared Secret in a documented location for later

6. Click OK. You should see your connection to the USG router listed now

Adding the Network Policy to Limit it to a Security Group 1. Right click Network Policies under Policies, and select New 2. Give it a friendly name Ex. VPN Remote Users 3. Click Next 4. Select Add then User Groups then search for your Security group you made earlier (VPN Remote Users) b. Click Next

5. Click Next again after ensuring Access Granted is selected 6. Uncheck MS-CHAP and leave only the top two boxes checked. b. Click Next 7. Leave all defaults on Configure Constraints and click Next 8. Leave all defaults on Configure Settings EXCEPT navigate to Encryption > and uncheck all but strongest encryption b. Click Next 9. Review the final screen then click Finish It should look something like the below

b. 10. Right click your new policy in the list and move it up until it is processed as the first policy Configuring the Controller/USG Router connection 1. Login to the Unifi Controller and Navigate to Settings > Networks > Create a New Network 2. Give it a friendly name (VPN Remote Users) 3. Select Remote User VPN as the Purpose 4. Select L2TP Server 5. Set a new Pre-Shared Key that is DIFFERENT than the one you used before. This one is the key you will be giving to your users to connect to the VPN. 6. Enter a Gateway/Subnet that is not already in use 192.168.2.1/24 for example 7. Leave Name Server as Auto (unless you would like to set DNS servers) 8. Click Create New Radius Profile 9. Give it a Friendly Name 10. Enter the IP address of the Network Policy Server we configured earlier 11. Enter the Shared Secret we used earlier that you saved (you saved this, right?)

b. Hit Save 12. Hit Save again after reviewing your settings 13. Adding the VPN to your Windows 10 Machine 1. Click your Network Adapter (Wireless or Wired) in the bottom corner of your taskbar 2. 3. Click Network & Internet Settings 4. Click VPN then Add a VPN Connection

5. Give the connection a friendly name (Ex. Work ) 6. Enter the Public IP address or Vanity Domain name you have pointed to your public IP address. To check the public IP address your USG router is using, navigate to Settings > Networks > WAN and click Edit b. 7. Change the VPN type to L2TP/IPsec with pre-shared key

8. Enter the Pre-Shared Key you set at step 5 in the prior section. This is the one the Users enter to connect. 9. Fill in the Username and Password of a Domain user that has been added to the Security Group we made earlier EX. domain\vpnuser 10. Attempt to connect to the VPN 11. Rejoice as it works! Some things that caught me up during this: Moving my Network Policy to be processed first Not using the L2TP as the connection method I had honestly been entering the wrong Public IP for a little bit, always double check your typing

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback