Hi,

new in FG and new here, so please forgive me if something isn't clear.

Short description: FG100D v6.0.1 build 0131 I want to allow logging to FG device (GUI and CLI) using AD group (update AD group for allow/deny logging to device). So I've setup LDAP server, User Group that includes AD server and Admin user with that UserGroup. Next to LDAP I also have setup Radious > point to MS NPS - this is use for L2TP VPN access. Now - when I add a user to the related AD group for logging it does not work and end with:    - debug application fnbamd -1 shows: fnbamd_ldap_result-Failed group matching    - sustem Event shows: Administrator admin_test login failed from https(IP) because of invalid password However, If I add the admin_test AD account to the AD group for VPN (this group is add/setup on MS NPS server, not on the FG device), then admin_test AD account can successfully login to the FG. Question: What I'm doing wrong? Attached is a file with settings and debug log. Many thanks in advance. jyndros