<div>Hi, </div>
<div> </div>
<div>I have a security group in AD 'noremote' that I would like to deny VPN access. </div>
<div> </div>
<div>Reading the FAQ, I edit users to include </div>
<div> </div>
<div>DEFAULT Group == "noremote", Auth-Type := Reject<br> Reply-Message = "Your account is not allowed."<br></div>
<div>but this doesn't work. </div>
<div> </div>
<div>I also tried below which I based on my previous query to deny AD users (this is working) </div>
<div> </div>
<div>DEFAULT Group == "noremote", MS-CHAP-Use-NTLM-Auth := 0,Auth-Type := Reject<br> Reply-Message = "Your account is not allowed."</div>
<div> </div>
<div>but still doesn't work. </div>
<div> </div>
<div>I'm not sure how the group should be used. So I also tested including the domain such as </div>
<div>Group==DOMAIN\\noremote, Group==DOMAIN+noremote but still no success. </div>
<div> </div>
<div>Thanks in advance!</div>
<div>Roehl</div>