Darvid
New Member
April 18, 2019
Question

LDAP User and VPN Portal issue

  • 1 reply
  • 4987 views

Hi all

I am trying to give VPN Portal access to a new user.

User Definition/Remote LDAP User

First issue: I choose an LDAP server (I have 7 defined) and get the tree of OUs, but no accounts are displayed, and a popup prints "Timed out".

Only one of my seven defined LDAP servers is displaying accounts correctly. So I can select the user and put it in the authorized groups.

Second issue: I can use neither the VPN portal nor vpn-ssl.

In the VPN event log, I have the message "SSL user failed to logged in". In the details, I can see under Action: "sslvpn_login_unknown_user", and for Source the group is not displayed. It seems the user isn't found in LDAP.

I've tested connectivity on each LDAP server and it's successful.

 

Is there a known bug with the 5.6.4 release or an LDAP query limitation? There are thousands of accounts in AD, but so far I have never had any problems with that.

 

David

1 reply

Darvid (Author)
New Member
April 18, 2019

I also tested

diagnose test authserver ldap <server> <account> <password>

Succeeded with group membership OK.

IShall
New Member
April 22, 2019

Hello,

We recently purchased some FortiGates (based on pre-sales advice), having a requirement that user authentication on an SSL portal could be configured to use LDAP AND RADIUS (not OR), i.e. on logon to the portal, the user needs to enter both LDAP and RADIUS credentials.

I have got both LDAP and RADIUS to work individually, however I cannot see how to force both.

Fortinet support has told me I now need to purchase a FortiAuthenticator if I want to do this.

Has anyone managed to do this, or do I really need the additional kit?

 

Kind regards,

IShall
New Member
April 22, 2019

Apologies, this should have been a new thread :(