I can't find in the documentation for the life of me how to restrict access to client VPN by OU or security groups in AD. Can someone point me in the right direction?
As far as I can tell, it seems that any user that is enabled in AD can log in via client VPN.
Have you seen these docs:
Seems to me that the following steps allow you to limit it:
5. Click Add to add conditions to your policy.
6. From the list of conditions, select the option for Windows Groups. Click Add Groups and enter the name of the Windows Group you would like to give Client VPN permission.
Are you using RADIUS? When you said AD I'm assuming you're not using RADIUS? If that's the case then this might help you: