Under the 'Global' VDOM, allocate the LAN interface to new VDOM ‘South’, which is already created.
In ‘South’ VDOM, it is possible to see that there is a new allocated interface to specific VDOM.
Then it is necessary to create LDAP remote server and LDAP User Group under the 'South' VDOM, which will be used for user authentication while logging to FortiGate.
In 'Global' VDOM, create a wildcard LDAP administrator that will have access the FortiGate only over the network interface (port9) which belongs to VDOM ‘South’.
Testing FortiGate GUI access from remote workstation that is on same subnet as network interface port9 that is assigned to the VDOM ‘South’.
LDAP remote authentication is working.
# diagnose debug console timestamp enable
# diagnose debug application fnbamd -1
# diagnose debug enable
Related KB article: