Hi. I'm having issues authenticating VPN users through a remote LDAP server.
I have created the addresses, portal, policies and everything works fine with local users.
But if I add a remote group to authenticate, I can't grant access.
What I did:
Under users authentication, LDAP, I have created an LDAP server; tests were successful.
Under users, group, I have created a new group for VPN with remote server. I was able to browse the LDAP tree and add the VPN users group.
Then I added that group into the SSL VPN portal, and edited the policy to allow access for users in this group.
When I try to connect I get access denied.
I did the same steps on another unit and everything worked fine.
Software Version 5.2.3 patch 670 on both units.
PS: I think I have a problem with LDAP because when I try to configure SSO in polling mode, I'm able to browse the LDAP tree, but when I select a group and try to apply those changes I get an "object not found" error.
Thanks.
I solved it.
The problem was that the FortiGate was sending the cn to the domain controller and I was trying to authenticate using the sAMAccountName.
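
The mismatch described in the last post, shown as a FortiOS CLI fragment. This is an added example, not part of the original thread: the server object name `dc-ldap`, the address, the DNs and the `jsmith` account are constructed placeholders, and changing `cnid` is one way to make sAMAccountName logins match, assuming an Active Directory server.

```fortios
# Added example; names, address and DNs below are constructed placeholders.

# Before: cnid is "cn", so the login name is looked up as (cn=<login name>).
# A user typing the sAMAccountName "jsmith" is not found when the directory
# entry has cn "John Smith", and the VPN login is denied.
config user ldap
    edit "dc-ldap"
        set server "192.0.2.10"
        set cnid "cn"
        set dn "dc=example,dc=com"
        set type regular
        set username "cn=svc-fortigate,cn=Users,dc=example,dc=com"
        set password <bind-password>
    next
end

# After: look the login name up by sAMAccountName instead.
config user ldap
    edit "dc-ldap"
        set cnid "sAMAccountName"
    next
end

# Check a single login against the server object from the CLI.
diagnose test authserver ldap dc-ldap jsmith <password>
```

The connectivity test on the LDAP server object can succeed in both cases, because it exercises the bind account rather than the attribute used to look up the login name.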