- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Issues configuring secure LDAP on VPN appliance
We have LDAP configured and working for VPN authentication, but need to of course have secure auth, so need to change to LDAPS.
LDAP is working with a regular bind account. When I change to LDAPS, both the connectivity and the user credentials test pass successfully. However, nobody can log into the VPN; Permission denied. (-455).
The documentation is pretty vague. To keep things simple for testing I haven't toggled the 'Certificate' option and assume that is not a requirement. I haven't been able to locate any logging to get more information, either.
I'm puzzled as to why the LDAPS tests show success, but logins fail.
I appreciate any insight.
Solved! Go to Solution.
- Labels:
-
LDAP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There is a new security hardening in 7.4.4.
You need to load AD cert in your FGT. Check these two posts.
Hope it helps.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Which FortiOS version?
Created on ‎07-17-2024 10:57 AM Edited on ‎07-17-2024 10:58 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It's on 7.4.4 build 2662.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There is a new security hardening in 7.4.4.
You need to load AD cert in your FGT. Check these two posts.
Hope it helps.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Ah, I don't know how I missed those in my search. Thanks much for your reply!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It is now most frequent complain as more people try 7.4.4,
@FTNT folks - it would be really nice to include this info in the FortiOS 7.4.4 Release Notes, because not everyone will be successful in forming the correct wording in querying Google/Bing to find it here, in Technical Tips.
