Skip to main content
Tom15
Tom15
New Member
August 5, 2025
Question

FortiClient 7.4.4 and greater will no longer support RADIUS and LDAPS authentication

  • August 5, 2025
  • 2 replies
  • 2743 views

We have been told by Fortinet support that they will no longer support IKE1 in Forticlient 7.4.4 and greater.  IKE2 does not support the X-auth functionality and so will not support RADIUS or LDAPS sources.  If you use LdapS or RADIUS for your MFA to authenticate VPN users, this functionality could break your VPN logins or MFA and Fortinet will no longer provide you with support.

2 replies

funkylicious
SuperUser
funkylicious
SuperUser
August 5, 2025

that would be a huge upset since ikev2 doesnt offer some of the things that only work in ikev1

i will wait for the official release notes to start crying then

"jack of all trades, master of none"
sharmar
Staff & Editor
sharmar
Staff & Editor
August 6, 2025

Hello @Tom15 

 

Forticlient 7.4.3+ is supports both LDAP & Radius  with Ikv2, you need to utilize the EAP method to select the auth, 

 

Doc ref : 

For Radius :

https://community.fortinet.com/t5/FortiGate/Technical-Tip-IKEv2-dialup-IPsec-tunnel-with-RADIUS-server/ta-p/191040

 

For LDAP : https://docs.fortinet.com/document/fortigate/7.6.0/ssl-vpn-to-ipsec-vpn-migration/405532/ldap-based-user-authentication

 

How to select the auth method : https://docs.fortinet.com/document/forticlient/7.4.0/new-features/907253/eap-ttls-support-for-ipsec-vpn-7-4-3

 

Thanks

    Terms & ConditionsAccessibility statement