SoftEther VPN User Forum

I'm currently running a softether VPN server on a domained Windows Server and I'm using NT Domain Authentication via an asterisked user as explained on this pagehttps://www.softether.org/4-docs/1-manu ... entication.
My issue is I don't want everyone on the domain to be able to login to the VPN and the suggested methods on the same page to do this don't work. Creating specific users with 'user name on authentication server:' field filled in with the short or full user@domain.lan and 'allow access' in the security policy disabled doesn't do anything, that exact user can still log in. Alternatively trying to use NT Domain Authentication without an asterisked user doesn't work at all as the specified user can't login. Am I missing something with this such as syntax or wrong fields?

Did you specify NT Domain Authentication as the authentication method when creating the user you want to refuse to connect?

Yes I did, all those users are specified as "NT Domain Authentication" and I try the "User Name" field which does not allow an "@" and the "User Name on Authentication Server" field in every combination to no avail. I might add that these users get no recorded logins as well.
Sorry for the lat reply but this is still a very annoying issue for me.