Fortinet Forum

LDAP interface used in GUI and CLI are not the same



I'm new with Fortigate and we have deployed an AWS EC2 Fortigate NGFW v7.0.0 build0066 in one of AWS regions.

We want to allow internet access to users through their Active Directory accounts/groups.

And, we're testing LDAP as a possible solution.


The firewall is configured in split-VDOM (Root and FG-Traffic)

Creation of the LDAP in the console was successful. Testing of user and credentials was okay.

And, directory tree was displayed when browsed.


But when we closed and saved the LDAP creation window and accessed it again, the LDAP failed with an error of lda_-3 or Invalid LDAP server. The same thing happens if we repeat the same to create a new LDAP server in the console.


In our troubleshooting, we found out that the console or GUI uses the Management interface to communicate with the AD server. While in CLI, the interface used was the interface we set in "set source-IP". Testing in CLI seems consistently successful.


Seems the set source-IP is not being used in the console/GUI.

How do we make the LDAP GUI use the same IP we set in "set source-IP.." in CLI?


Please help.


Thanks and regards,