ldap problem
I have two VDOMs: one VDOM is policy-based and connects to the server and client, and the other VDOM is profile-based and connects to the WAN.
When I configure the LDAP server in the WAN VDOM, I have a problem and it doesn't work.
I checked and have access between the WAN VDOM and the DC (in the Server VDOM).
- Labels: FortiGate
Not sure what you meant by policy based and profile based VDOMs. But I'm assuming it's about how to apply UTM/UTP.
And, I'm also assuming it's a routing issue between two VDOMs and if you are in the WAN VDOM you can't even ping the LDAP server. How are you routing between two VDOMs to connect WAN and servers? Static routes over a vdom-link or npu-vlink?
Toshi
Created on ‎03-03-2023 12:08 PM Edited on ‎03-03-2023 12:22 PM
I used a vdom-link and use a static route. I have ping.
Do you have static routes, one from WAN vdom to server vdom for the server subnet, and a default route from server vdom toward WAN vdom?
yes
Of course you also have sets of policies to allow traffic from/to vdom-link to/from the server interface at least in the server vdom, right?
Then, the LDAP server should be reachable from the WAN vdom. Can you ping the server IP from the WAN vdom in the CLI, or can't you? If you can't, what do you see in traceroute "exe traceroute [server_ip]" from the WAN vdom?
yes
Created on ‎03-03-2023 01:30 PM Edited on ‎03-03-2023 01:37 PM
You seem to be a person of few words. I asked multiple questions then your answer was only one 'yes'. Which one is yes then? Have a proper set of policies or the server is pingable from WAN vdom? Or 'yes' and 'yes', you meant? If not what's in the traceroute?
