Can’t contact LDAP server through IPSEC site to site vpn
Hi all,
Not sure where this topic should be posted since it overlaps between IPSEC site to site and LDAP authentication, but I'll give it a go here.
I'm having a peculiar request:
1. 2 sites on a site to site VPN - Site A (main office) & Site B (branch office)
2. At present the connection from B to A is not in a route all state, and each site goes out through its own connection for internet access
3. Site A's VPN access is authenticated through LDAP to their Local Active Directory in Site A
Now there is a requirement where I need to allow users from site B to access via site A's VPN
My question is:
1. How do I reach site B's Active Directory / LDAP through the site to site for this authentication to occur?
2. Locally, on site A, it is able to ping site B's Active Directory server
3. I've created the LDAP entry on the Fortigate, but it is unable to reach
Note: my branch office firewall is not registered
Could someone point out what I may have missed?
1 REPLY 1
In the CLI for the LDAP connection, use the 'set source-ip' setting for the local IP of the FortiGate for Site A.
The issue is it's not sending from an IP that is allowed across the tunnel.
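
The setting described in the reply above, shown as an added example that is not part of the original thread. The LDAP entry name, base DN and all addresses are constructed placeholders (10.1.0.1 as the Site A FortiGate's LAN-side address inside the tunnel's local selector, 10.2.0.10 as the Site B domain controller); the `#` lines are annotations, not commands.

```fortios
# Site A FortiGate: LDAP server entry pointing at the Site B domain controller.
# All names and addresses below are placeholders; substitute your own.
config user ldap
    edit "SiteB-AD"
        set server "10.2.0.10"
        set dn "dc=siteb,dc=example,dc=com"
        # Source the query from an address that the tunnel's phase 2
        # selectors and the Site B firewall policy actually permit.
        set source-ip 10.1.0.1
    next
end

# Check which source address and interface the LDAP query leaves from.
diagnose sniffer packet any 'host 10.2.0.10 and port 389' 4

# Test a bind against the configured entry with a known account.
diagnose test authserver ldap SiteB-AD <username> <password>
```

A ping from a host on the Site A LAN succeeds because that host's address is inside the tunnel's selectors; traffic the FortiGate originates itself is the case the source-ip setting addresses.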
