gzarini
New Contributor

LDAP authentication for VPN users.

Hi. I'm having issues authenticating VPN users through a remote LDAP server.

I have created the addresses, portal, and policies, and everything works fine with local users.

But if I add a remote group to authenticate, I can't grant access.

What I did:

Under users authentication, LDAP, I have created an LDAP server; tests were successful.

Under users, group, I have created a new group for VPN with a remote server. I was able to browse the LDAP tree and add the VPN users group.

Then I added that group into the SSL VPN portal, and edited the policy to allow access for users in this group.

When I try to connect I get access denied.

I did the same steps on another unit and everything worked fine.

Software Version 5.2.3 patch 670 on both units.

PS: I think I have a problem with LDAP because when I try to configure SSO in polling mode, I'm able to browse the LDAP tree, but when I select a group and try to apply those changes I get an error of object not found.

Thanks.


1 REPLY
gzarini
New Contributor

I solved it.

The problem was that FortiGate was sending the cn to the domain controller and I was trying to authenticate using the sAMAccountName.
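
The mismatch described in the reply corresponds to the `cnid` (Common Name Identifier) setting of the FortiGate LDAP server object, which defaults to `cn`. The following FortiOS CLI fragment is an added example, not the poster's configuration; the server name, address, DNs and bind account are placeholders.

```text
# Constructed example: every name, address and DN below is a placeholder.
config user ldap
    edit "EXAMPLE-LDAP"
        set server "192.0.2.10"
        # With the default cnid "cn", the name typed at the VPN login is
        # looked up as (cn=<name>), which matches the display name in
        # Active Directory rather than the logon name.
        # Setting cnid to sAMAccountName makes the lookup
        # (sAMAccountName=<name>), so users log in with their AD logon name.
        set cnid "sAMAccountName"
        set dn "dc=example,dc=com"
        set type regular
        set username "cn=ldap-bind,cn=Users,dc=example,dc=com"
        set password <bind-password>
    next
end
```

A single credential can then be checked from the CLI with `diagnose test authserver ldap EXAMPLE-LDAP <user> <password>` before retrying the SSL VPN login.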
