Fortigate VPN & Okta LDAP
I'm running a free trial with Okta, and I'm trying to configure Okta as an LDAP server to authenticate Fortigate VPN users. I have the LDAP Interface set up in Okta already. When I go to set up the LDAP server in the Fortigate, I'm getting an error each time I test connectivity:
Can't contact LDAP server
Any suggestions?
I would verify the FortiGate can resolve that domain properly by doing 'exec ping trial-xxxx.ldap.okta.com'.
If the firewall can resolve that fine, I would make sure it is reaching out properly by doing a sniffer.
The command for that would be 'di sni pack any 'port 636' 4 0 l'.
I would run that command, then test connectivity again.
You can start by disabling secure LDAP (secure connection radio button) to test if this resolves the issue. If it does, this narrows the problem down to a security certificate mismatch or similar. After confirming DNS resolution and reachability, make sure the username used to query LDAP has sufficient privileges. In addition, you can try different bind types and see if this helps.
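As an added example (not part of this thread, and not Fortinet or Okta code), here is a small Python script that reads the output of the sniffer command suggested above and reports how far the FortiGate's connection to port 636 actually got, mapping each outcome to the next check the two replies point at: no packets at all (DNS or configuration), SYN with no answer (routing or filtering), RST (nothing listening there), or a completed handshake (TLS certificate or bind problem). The capture lines are constructed for illustration, the IP addresses come from documentation ranges, and the sniffer line layout is assumed from FortiOS verbosity-4 output.

```python
import re
from collections import defaultdict

# One packet line as printed by the FortiGate sniffer at verbosity 4:
# "<timestamp> <iface> in|out <src>.<sport> -> <dst>.<dport>: <tcp flags> ..."
# Layout assumed from FortiOS output; adjust the regex if your build prints differently.
PKT = re.compile(
    r"(?P<iface>\S+)\s+(?P<dir>in|out)\s+"
    r"(?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+):\s+(?P<flags>.*)$"
)
FLAG = re.compile(r"\b(syn|ack|psh|fin|rst)\b")

# Constructed sample captures (documentation-range addresses, not a real Okta tenant).
# Case 1: the FortiGate retransmits SYN and never hears back.
SAMPLE_NO_REPLY = """\
interfaces=[any]
filters=[port 636]
2024-01-15 09:12:01.000123 wan1 out 203.0.113.10.51234 -> 198.51.100.20.636: syn 1000000
2024-01-15 09:12:02.000456 wan1 out 203.0.113.10.51234 -> 198.51.100.20.636: syn 1000000
2024-01-15 09:12:04.000789 wan1 out 203.0.113.10.51234 -> 198.51.100.20.636: syn 1000000
"""

# Case 2: the server answers with RST, so nothing is listening on that address/port.
SAMPLE_REFUSED = """\
interfaces=[any]
filters=[port 636]
2024-01-15 09:13:01.000123 wan1 out 203.0.113.10.51250 -> 198.51.100.20.636: syn 1500000
2024-01-15 09:13:01.020000 wan1 in 198.51.100.20.636 -> 203.0.113.10.51250: rst 0 ack 1500001
"""

# Case 3: the handshake completes, a few bytes go each way, then the FortiGate closes.
# On the wire this is what a failed TLS handshake or a rejected bind looks like.
SAMPLE_TCP_OK = """\
interfaces=[any]
filters=[port 636]
2024-01-15 09:15:01.000123 wan1 out 203.0.113.10.51300 -> 198.51.100.20.636: syn 2000000
2024-01-15 09:15:01.020000 wan1 in 198.51.100.20.636 -> 203.0.113.10.51300: syn 3000000 ack 2000001
2024-01-15 09:15:01.020100 wan1 out 203.0.113.10.51300 -> 198.51.100.20.636: ack 3000001
2024-01-15 09:15:01.021000 wan1 out 203.0.113.10.51300 -> 198.51.100.20.636: psh 2000001 ack 3000001
2024-01-15 09:15:01.045000 wan1 in 198.51.100.20.636 -> 203.0.113.10.51300: psh 3000001 ack 2000300
2024-01-15 09:15:01.046000 wan1 out 203.0.113.10.51300 -> 198.51.100.20.636: fin 2000300 ack 3001500
"""

NEXT_STEP = {
    "NO_PACKETS": "FortiGate never tried to connect: check DNS resolution ('exec ping <server>') and the configured server/port.",
    "NO_REPLY": "SYN left the FortiGate but nothing came back: check routing and any upstream filtering of TCP/636.",
    "REFUSED": "Server reset the connection: the IP is reachable but not listening on that port; check the address and port.",
    "TCP_OK": "TCP handshake completed, so the failure is above TCP: certificate/CA mismatch on LDAPS, or bind DN/credentials.",
    "UNKNOWN": "Server replied without SYN/ACK or RST; inspect the capture by hand.",
}


def parse_sniffer(text, server_port=636):
    """Group packet lines into flows keyed by (client ip, client port, server ip)."""
    flows = defaultdict(list)
    for line in text.splitlines():
        m = PKT.search(line)
        if not m:
            continue  # header lines such as interfaces=[any] / filters=[...]
        src, sport = m["src"], int(m["sport"])
        dst, dport = m["dst"], int(m["dport"])
        flags = set(FLAG.findall(m["flags"]))
        if dport == server_port:
            key, sender = (src, sport, dst), "client"
        elif sport == server_port:
            key, sender = (dst, dport, src), "server"
        else:
            continue
        flows[key].append((sender, flags))
    return flows


def classify_flow(packets):
    """Decide how far one TCP flow got, judged by what the server sent back."""
    from_server = [flags for sender, flags in packets if sender == "server"]
    if not from_server:
        return "NO_REPLY"
    if any({"syn", "ack"} <= flags for flags in from_server):
        return "TCP_OK"
    if any("rst" in flags for flags in from_server):
        return "REFUSED"
    return "UNKNOWN"


def diagnose(text, server_port=636):
    """Return one (client_ip, client_port, server_ip, verdict) tuple per flow."""
    flows = parse_sniffer(text, server_port)
    if not flows:
        return [(None, None, None, "NO_PACKETS")]
    return [key + (classify_flow(pkts),) for key, pkts in flows.items()]


if __name__ == "__main__":
    for name, capture in [("no reply", SAMPLE_NO_REPLY), ("refused", SAMPLE_REFUSED), ("tcp ok", SAMPLE_TCP_OK)]:
        for client_ip, client_port, server_ip, verdict in diagnose(capture):
            print(f"{name}: {client_ip}:{client_port} -> {server_ip}:636 {verdict}: {NEXT_STEP[verdict]}")
```

Paste the real output of `di sni pack any 'port 636' 4 0 l` in place of one of the sample strings. A `TCP_OK` verdict is the case where disabling secure LDAP as a test, checking the CA certificate imported on the FortiGate, and re-checking the bind username and bind type become the relevant next steps; `NO_REPLY` and `REFUSED` mean the problem is still at the network layer and no LDAP or certificate setting will fix it.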
