FortiClient EMS 7.2.1 LDAP Auth Server to Duo Auth Proxy 6.0.0
Having an issue connecting the EMS to our Duo Auth Proxy. The EMS is binding correctly to our DC via LDAPS, but whenever I try to bind to our Duo Auth Proxy I receive the error, "unable to read LDAP response packet: unexpected EOF." I've also tried a third-party LDAP client and was able to bind from the EMS server to the Duo Auth Proxy via the LDAP client (Softerra LDAP Browser).
Never had an issue with the auth proxy and am currently using the LDAP integration to Duo with our FortiGate with no issues. Seems to be something explicitly with the EMS server and its implementation of LDAP. Has anyone encountered this issue?
There may be some compatibility issues between the FortiClient EMS 7.2.1 and the Duo Auth Proxy 6.0.0. Here are some steps you can take to troubleshoot this issue:
1. Verify that the LDAP settings in FortiClient EMS and Duo Auth Proxy match exactly, including the LDAP server address, port, and SSL/TLS settings.
2. Check that the Duo Auth Proxy is configured to allow LDAPS connections from the FortiClient EMS server. You may need to add the EMS server's IP address to the allowed list.
3. Verify that the LDAP certificates are trusted on both the FortiClient EMS server and the Duo Auth Proxy. You can use the 'certutil' command to view and manage certificates.
4. Check the logs on both the FortiClient EMS server and the Duo Auth Proxy for any errors or warnings related to LDAP.
5. Try using a different LDAP client on the FortiClient EMS server to see if the issue is specific to FortiClient EMS. If you are able to successfully bind to the Duo Auth Proxy using a different client, it could indicate a problem with FortiClient EMS itself.
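An added example, not part of the original thread or of any Fortinet or Duo tooling: a small Python probe for the checks in steps 3 to 5. It sends one LDAP simple bind over LDAPS and reports whether the proxy closed the connection before answering (the "unexpected EOF" case), sent a cut-off packet, or returned a BindResponse result code (RFC 4511: 0 is success, 49 is invalidCredentials). The function names, the default port 636 and the sample bytes are assumptions made for this example.

```python
import socket, ssl

# Constructed sample: BindResponse, messageID 1, resultCode 0 (success)
SAMPLE_SUCCESS = bytes.fromhex("300c02010161070a010004000400")

def tlv(tag, body):
    # BER tag-length-value; short-form length only (enough for a small bind)
    if len(body) >= 0x80:
        raise ValueError("DN/password too long for this minimal encoder")
    return bytes([tag, len(body)]) + body

def bind_request(dn="", password="", msg_id=1):
    # LDAPMessage{messageID, BindRequest[APPLICATION 0]{version 3, name, simple[0]}}
    op = tlv(0x60, tlv(0x02, b"\x03") + tlv(0x04, dn.encode()) + tlv(0x80, password.encode()))
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + op)

def read_tlv(buf, pos):
    # Returns (tag, value, next_pos); EOFError if the buffer ends early
    if pos + 2 > len(buf):
        raise EOFError("header cut off")
    tag, n = buf[pos], buf[pos + 1]
    pos += 2
    if n & 0x80:  # long-form length, as used for long diagnostic messages
        k = n & 0x7F
        if pos + k > len(buf):
            raise EOFError("length cut off")
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    if pos + n > len(buf):
        raise EOFError("value cut off")
    return tag, buf[pos:pos + n], pos + n

def classify_response(buf):
    if not buf:
        return "closed-before-response"  # peer hung up without sending a byte
    try:
        tag, msg, _ = read_tlv(buf, 0)
        _, _, p = read_tlv(msg, 0)            # skip messageID
        op_tag, op, _ = read_tlv(msg, p)
        if tag != 0x30 or op_tag != 0x61:     # 0x61 = BindResponse
            return "not-bind-response"
        _, code, _ = read_tlv(op, 0)          # resultCode ENUMERATED
    except EOFError:
        return "truncated"
    return "bind-result-%d" % int.from_bytes(code, "big")

def probe(host, port=636, dn="", password="", cafile=None):
    # An untrusted proxy certificate raises ssl.SSLCertVerificationError here
    ctx = ssl.create_default_context(cafile=cafile)
    with socket.create_connection((host, port), timeout=10) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as s:
            s.sendall(bind_request(dn, password))
            return classify_response(s.recv(4096))  # single read; small replies fit
```

Run `probe()` from the EMS server against the Auth Proxy hostname and compare the result with the proxy's log entry for the same connection.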