SRX Services Gateway
SRX Services Gateway

Dyn VPN with LDAP authentication

‎02-11-2019 02:07 PM

Hi all,

I ve an SRX240 device and syn vpn configured on it. It works fine but I want to setup LDAP authentication for dyn vpn users. I am using the default 2 licence for this. However after I applied the configuration, I can the the config on JWeb UI but when i click on that I am getting the following error message.. Is this because of using default licence or am I missing something ?

 

Screen Shot 2019-02-11 at 12.22.49.png

 

set access profile ldap-usr-profile authentication-order ldap
set access profile ldap-usr-profile address-assignment pool engpool
set access profile ldap-usr-profile ldap-options base-distinguished-name OU=Users,DC=company,DC=com
set access profile ldap-usr-profile ldap-options search search-filter sAMAccountName=
set access profile ldap-usr-profile ldap-options search admin-search distinguished-name "CN=LDAP Connector,OU=SysAdmins,OU=Users,DC=company,DC=com"
set access profile ldap-usr-profile ldap-options search admin-search password "password"
set access profile ldap-usr-profile ldap-server 192.168.10.215 port 389
set access address-assignment pool engpool family inet network 192.168.200.0/24
set access address-assignment pool engpool family inet range range1 low 192.168.200.40
set access address-assignment pool engpool family inet range range1 high 192.168.200.100
set access address-assignment pool engpool family inet xauth-attributes primary-dns 8.8.8.8/32
set access address-assignment pool engpool family inet xauth-attributes secondary-dns 4.3.2.1/32
set access firewall-authentication web-authentication default-profile ldap-usr-profile

 

Thanks

3 REPLIES 3
SRX Services Gateway

Re: Dyn VPN with LDAP authentication

‎02-11-2019 02:55 PM

Hi, vodexguy

 

I dont think that the license is a problem. What version are you running on the SRX? are you receiving any errors if you commit the configuration over the CLI?

 

Pura Vida from Costa Rica - Mark as Resolved if it applies.
Kudos are appreciated too!
SRX Services Gateway

Re: Dyn VPN with LDAP authentication

‎02-11-2019 04:00 PM

JUNOS Software Release [12.1X44-D35.5] is running... No, i can commit the above configuration successfulluy but when i use the web ui, i am having this error

Highlighted
SRX Services Gateway

Re: Dyn VPN with LDAP authentication

‎02-11-2019 04:38 PM

It sounds like a cosmetic issue to me and I was not able to find any related information about the error message. I would advise to upgrade the junos software you are running because it is very old and it is End-of-life since January 2016:

 

      https://support.juniper.net/support/eol/software/junos/ 

 

Recommended junos for SRX240: 12.1X46-D77

 

Pura Vida from Costa Rica - Mark as Resolved if it applies.
Kudos are appreciated too!