I have been making no progress on this for weeks now. Using FortiClient
7.4.4 I am unable to successfully configure an IPsec IKEv2 remote VPN
connection using LDAP machine certificate (not a user certificate)
authentication. We have an internal Windo...
We currently have a dial-up SSL VPN configuration that requires a user
to connect using both their Windows AD (LDAP) credentials AND a local
computer certificate issued from our internal Windows CA. On top of
that, we use FortiToken with push notific...
We have a few new FortiAP's (running FAP 7.4.5) and managed by our
FortiGate (running FOS 7.4.8). I would like to allow our laptops to
automatically connect and authenticate to our Wi-Fi network using their
machine certificates. We have an internal W...
Since upgrading our EMS server to 7.2.5 and our clients to FC 7.2.5, the
clients Web Filter, Video Filter, Vulnerability, and System Events no
longer populate in EMS at all. These events don't update under the
Endpoint Views for the clients and there...
I can not get this figured out. I’ve got a FortiGate running v7.2.9
(also tried with v7.2.8) and I’m trying to configure our SSL VPN to use
an external DHCP Server to assign our clients IP addresses. I followed
the instructions outlined here:
https:/...
@funkylicious, Yes, I've gone through each and have am still
unsuccessful. To make it easy, my computer certs include their User
Principal Name in the SAN field of the certificate, as that seems to be
what the FG expects as a default. I've also tried...
OK, with FortiClient 7.4.4, using IPsec IKEv2 I am now able to require a
VPN user:to have a user certificate issued from our internal Windows
CA,still prompt them to supply their current Windows AD credentials,
andaccept a FortiToken MFA push request...
According to the article, "However, as of now, the FortiToken (MFA) is
not supported on Windows FortiClient with LDAP (EAP-TTLS)." So I take
this to mean that using a FortiGate user account of type "LDAP" with
FortiToken MFA is not yet possible when ...
A little progress this morning.... I was able to finally get FortiToken
MFA to work on a FG RADIUS user account. As I mentioned in my original
post, when I followed these instructions
(https://community.fortinet.com/t5/FortiGate/Technical-Tip-IKEv2-D...
Markus,Thanks for the explanation and for providing those links. I was
able to get it all working using the instructions you provided in the
first link
(https://community.fortinet.com/t5/FortiAP/Technical-Note-EAP-TLS-wireless-LAN-deployment-on-Andro...
