gmanea
Staff
Article Id 193632

Description


This article describes how to fix the issue when LDAP users cannot connect with Windows L2TP native clients.

 

Scope

 

FortiGate.

Solution


LDAP user authentication is supported for PPTP, L2TP, IPsec VPN, and firewall authentication, but due to point-to-point protocol limitations, only PAP (Password Authentication Protocol) can be used. An LDAP bind needs the user's password itself, which MSCHAP and MSCHAPv2 never send to the FortiGate.
The Windows native client uses MSCHAP or MSCHAPv2 by default, so change it to PAP: in the Security tab of the L2TP connection settings, select 'Advanced', select 'Settings', enable 'Unencrypted password (PAP)' and select 'OK'.
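
The same client-side change can be scripted with the built-in Windows VpnClient cmdlets, which helps when many clients need it. This is an added example, not part of the original article; the function name `Set-L2tpPapAuthentication` and the connection name `FortiGate-L2TP` are placeholders.

```powershell
# Added example: scripted equivalent of the GUI steps above.
# 'FortiGate-L2TP' is a placeholder; use the name of the existing L2TP connection.
function Set-L2tpPapAuthentication {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$Name,
        [switch]$AllUserConnection   # set when the connection is in the all-users phone book
    )

    $scope = @{ Name = $Name }
    if ($AllUserConnection) { $scope.AllUserConnection = $true }

    # Fails with a terminating error if the connection does not exist.
    $conn = Get-VpnConnection @scope -ErrorAction Stop

    # PAP carries the password unencrypted inside PPP, so only enable it on an
    # L2TP connection, which the Windows native client wraps in IPsec by default.
    if ($conn.TunnelType -ne 'L2tp') {
        throw "Connection '$Name' uses tunnel type '$($conn.TunnelType)', not L2tp; leaving it unchanged."
    }

    $current = @($conn.AuthenticationMethod)
    if ($current.Count -eq 1 -and $current[0] -eq 'Pap') {
        Write-Verbose "Connection '$Name' already uses PAP only."
    }
    elseif ($PSCmdlet.ShouldProcess($Name, "Set authentication to PAP (was: $($current -join ', '))")) {
        # Replaces MSCHAP/MSCHAPv2 with PAP, as the 'Unencrypted password (PAP)' checkbox does.
        Set-VpnConnection @scope -AuthenticationMethod Pap -Force
    }

    # Return the resulting settings so the change can be verified.
    Get-VpnConnection @scope |
        Select-Object Name, TunnelType, AuthenticationMethod, EncryptionLevel, L2tpIPsecAuth
}

Set-L2tpPapAuthentication -Name 'FortiGate-L2TP' -Verbose
```

Run it with `-WhatIf` first to see the pending change without applying it.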

Related article:

Technical Tip: Setup L2TP over IPSEC VPN on FortiGate with LDAP authentication