- About mumbles202
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
mumbles202
Comes here often
Member since Apr 6, 2020
05-01-2020
Community Record
8
Posts
0
Kudos
0
Solutions
Badges
05-01-2020
02:55 PM
So switched this to Radius instead of LDAP and getting the same. Domain Admins get right in; remove the user from that group and it fails w/ an incorrect password.
... View more
04-15-2020
08:32 AM
Modified the setup and found the same thing. Domain Admins connect w/o a problem but standard users fail. Looking into if a GPO might be causing the issue.
... View more
04-07-2020
04:08 PM
Thanks for the links. Users are entering username as jdoe and then the password. Fails normally, but if I add jdoe to the Domain Admins group (w/o making any other changes) that account is able to login w/o any issues.
... View more
04-07-2020
01:43 PM
I get a 691 error in Windows.
... View more
04-07-2020
06:00 AM
Where is the search DN defined for VPN setup? I know on an ASA that's available and critical but I didn't see that field anywhere on the Meraki dashboard. The account i'm testing w/ is in a different OU than the domain admins but I've confirmed moving it to the same OU has no impact. And leaving it in the original OU but making it an admin does allow it to connect.
... View more
04-06-2020
02:29 PM
Thanks for the idea. Hadn't thought about installing another role on the DC, but that might be the easier route for sure. I'll see about getting that role installed and creating a policy and then re-pointing the MX.
... View more
04-06-2020
12:46 PM
I don't believe so. I added the permission to the test account I've been using but that still failed.
... View more
04-06-2020
11:45 AM
Remote access vpn works fine using Meraki credentials. When we moved over to using AD we noticed that only domain admins are able to sign in. The single DC is also a CA and has a certificate installed which is still valid. If i take jdoe and attempt to sign in I get: The remote connection was denied because the user naem and password combination you provided is not recognized, or the selected authentication protocol is not permitted on the remote access server. as soon as I add jdoe to domain admins however he is able to connect w/ no issues. I'm trying to determine what would be the cause of this as the error points to a certificate issue but it works when the same user is an admin. Has anyone seen anything similar? Packet captures on a failed connection indicate a response is coming from the DC to reject the login.
... View more
