Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
dkoll
New Contributor

Forticlient EMS 7.2.1 LDAP Auth Server to Duo Auth Proxy 6.0.0

Having an issue connecting the EMS to our Duo Auth Proxy. The EMS is binding correctly to our DC via LDAPS, but whenever I try to bind to our Duo Auth Proxy I receive the error, "unable to read LDAP response packet: unexpected EOF." I've also tried a third party ldap client and was able to bind from the EMS server to the Duo Auth Proxy via the ldap client (Softerra LDAP Browser).

 

Never had an issue with the auth proxy and am currently using the LDAP integration to Duo with our FortiGate with no issues. Seems to be something explicitly with the EMS server and its implementation of LDAP. Has anyone encountered this issue?

1 REPLY 1
Faiza_Emam_Delhi
Contributor

there may be some compatibility issues between the FortiClient EMS 7.2.1 and the Duo Auth Proxy 6.0.0. Here are some steps you can take to troubleshoot this issue:

1. Verify that the LDAP settings in FortiClient EMS and Duo Auth Proxy match exactly, including the LDAP server address, port, and SSL/TLS settings.

2. Check that the Duo Auth Proxy is configured to allow LDAPS connections from the FortiClient EMS server. You may need to add the EMS server's IP address to the allowed list.

3. Verify that the LDAP certificates are trusted on both the FortiClient EMS server and the Duo Auth Proxy. You can use the 'certutil' command to view and manage certificates.

4. Check the logs on both the FortiClient EMS server and the Duo Auth Proxy for any errors or warnings related to LDAP.

5. Try using a different LDAP client on the FortiClient EMS server to see if the issue is specific to FortiClient EMS. If you are able to successfully bind to the Duo Auth Proxy using a different client, it could indicate a problem with FortiClient EMS itself.

Thanks & Regards,
Faizal Emam
Thanks & Regards,Faizal Emam
Top Kudoed Authors