Hello,
I am hoping someone else has seen this before and that there is a simple solution. We are trying to use SSL VPN Prelogon FortiGate authentication configuration | FortiClient 7.2.3 | Fortinet Document Library which uses the LDAP server and PKI user components on the Fortigate. However, this command set account-key-upn-san under ldap server configuration and set ldap-server under PKI user configuration, both featured in this documentation, aren't available when I use the CLI. Fortinet support also couldn't find the commands when logged onto my Fortigate. They are researching this issue, but I'm hoping someone else may have seen this before and knows of a fix. Note FortiOS version is 7.4.1
Thanks for your help.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I just did an upgrade of my LAB device running 7.2.6 to 7.4.1 and I can see "set account-key-upn-san" is changed to "set account-key-cert-field".
On 7.2.6:
LAB-Fortigate # get system status
Version: FortiGate-VM64 v7.2.6,build1575,230926 (GA.F)
LAB-Fortigate (ldap) # edit LAB\ LDAP
LAB-Fortigate (LAB LDAP) # set account-key-upn-san
othername Other name in SAN.
rfc822name RFC822 Email address in SAN.
dnsname DNS name in SAN.
LAB-Fortigate (LAB LDAP) # set account-key-upn-san dnsname
LAB-Fortigate (LAB LDAP) # end
After upgrade to 7.4.1, the config changed automatically.
LAB-Fortigate # get system status
Version: FortiGate-VM64 v7.4.1,build2463,230830 (GA.F)
LAB-Fortigate (LAB LDAP) # show
config user ldap
edit "LAB LDAP"
set server "x.x.x.x"
set cnid "cn"
set dn "dc=abcdomain,dc=com"
set type regular
set username "CN=Administrator,CN=Users,DC=abcdomain,DC=com"
set password ENC
set account-key-cert-field dnsname
next
end
LAB-Fortigate (LAB LDAP) #
LAB-Fortigate (LAB LDAP) # set account-key-cert-field
othername Other name in SAN.
rfc822name RFC822 email address in SAN.
dnsname DNS name in SAN.
LAB-Fortigate (LAB LDAP) #
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1673 | |
1083 | |
752 | |
446 | |
226 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.