HiWe are using Forticlient free edition for remote connectivity.Our end
points have all AV and OS is kept up to date. There is a business
requirement to restrict access from devices that are not company
devices, to make sure they have enough protecti...
We have successfully configured Fortigate to authenticate SSLVPN users
with remote ldap server, using LDAPS from AzureAD. Now we are trying to
implement FortiAuthenticator as we wish to implement MFAOn the FAC, when
trying to setup the ldap server, w...
HiWe have LDAPS setup on Azure (Domain Service enabled).If we querry the
ldap server from a Linux box, it works fine.We want to setup LDAP
authentication on the Fortigate to authenticate SSLVPN users. I tried
all sort of syntax, but it always fail wi...
HiIs there a way to provide a choice of profiles for sslvpn clients (or
with a different method to access)? For example, a user would have the
possibility to connect either with split tunnelling or without it. I
think, it is possible if it was based ...
HiOur current HQ, uses Fortigate firewallsSituation a few months
ago:BranchA had FirewallBrandA, and connected to HQ via IPSEC VPN. Users
connect to branch via FirewallBrandA VPN clientBranchB had
FirewallBrandB and connected to HQ via IPSEC VPN. Use...
Hi dcook, it is good to know there are several ways (ie using shortname
or full upn)I am surprised it does not work if your users have Office
365 MFA enabled.In our case, we have Azure MFA for all , and it does not
seem to affect their login via ldap...
We are assuming that Domain Services and LDAPS is properly configured in
AzureOn FG, for ldap server, make sure you use port 636Common Name
Identifier: sAMAccountNameUse your DNBind type: RegularUsername: use
company\username syntax.If you use userna...
Thanks Ricardo I added the AzureAD certificate but it did not make a
differenceAt the moment, I have all outgoing traffic allowed.For a short
period, I also allowed all incoming, to make sure I was not blocking
anything but that did not make a differ...
I have been able to authenticate against AzureAD. You need to install
the Domain Services and then setup LDAPS.It works fine, but there was
some tricks to configure the ldap server on the Fortigate. I can share
the details if you are interested.Note ...
Thanks guys. I will have a look. I did not know about realms and found
out it was not available by default. Will have a go. Hopefully, it will
not break the current live settings!
