Hi Devin, your lab is explicit; however, is there a part of the configuration I am missing? I have tried it on my lab but it is not working. I was able to integrate AD successfully with my FortiGate and created a remote user with super admin access, but I still can't connect. Kindly advise on what I am missing.
I am struggling to set up an LDAP in 2012 DC. Locally, I can connect to it, but from the FW (in the same LAN), it says "cant connect to ldap". My LDAP is up and running (I can connect to it using ldp.exe). I even have set up the source-interface on Forti from CLI, but no luck. Do you know what could be the problem?
Not too sure. Maybe it could have to do with if you're using LDAPS vs LDAP. They do use different ports and you'll also need the certificate of the domain controller if you're going to set up secure LDAP. There shouldn't be a connection problem and you don't have to set the source IP address if it's locally connected. Don't forget you can always call the technical assistance center if you have a support contract.
@DevinAdams Thanks, Devin. No, it's a lab environment; I am preparing for my NSE4 cert. I was thinking that it could be because of the certificate (that it does not allow you to use it as an unencrypted service; however, I doubt this). I am using LDAP without encryption, on port 50000, and it is open on the DC. I am not even seeing any packets going out of the Forti when I press "test connectivity". So maybe it's because of the Forti evaluation VM. I'll keep searching. Thanks a lot!
Hey Devin, how are you doing? My name is Nixon. I have an important question I want to ask you. I have a small business. I used LDAP with FortiGate to give a couple of people VPN, but the way we set it up, everyone on the domain has access to VPN, which we don't want. How can we reconfigure the LDAP with the AD so we can have one group in AD that we can add users to and remove users from for VPN?
Hi Devin! I'm keen to get a FortiGate FW certification. Would you mind sending me a link to your courses? Also, can you guide me on what the different certifications for Fortinet FW administration are? Thank you!
Hi Jonathan! The company I work for is called DWWTC or Dynamic Worldwide Training Consultants. You can check it out at dwwtc.com. Also, if you sign up at training.fortinet.com, you can tap resources there including practice exams.
So I'm not able to make this work. I was ultimately trying to make this work for SSL VPN. However, the only thing that still works is the local login. I have the AD group in the SSL setting with full access, along with the AD group being in the policy as a source. The login stops at 48% with error 455. When I couldn't make the VPN work I thought I'd try what you did with the logins. I keep getting invalid password in the logs.
Hi Jason, once I get done with these videos, I'll lab up your situation and see what we can find. It might be a few days before I have time but it will give me an excuse to do my SSL VPN demo. Off the top of my head, it should work. The only thing I can think of is that the username isn't finding a bind in AD. There is the CN name and Samaccount name option when configuring LDAP on the FortiGate. CN is a user's full name and Samaccount would be their login ID. For example, Devin Adams vs. dbadams. Either way, thanks for the comment and I'll make sure to lab it up!
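The CN versus sAMAccountName choice described in the reply above corresponds to the `cnid` setting of a FortiGate LDAP server entry. This is an added example, not part of the original comment or video; the profile name, server address, base DN and bind account are constructed placeholders.

```fortios
# Added example with constructed values (profile name, DC address, DNs).
config user ldap
    edit "LAB-AD"
        # Constructed domain controller address.
        set server "192.0.2.10"
        # Attribute the FortiGate searches with the name typed at login.
        # "cn" (the default) matches the full name, e.g. "Devin Adams".
        # "sAMAccountName" matches the login ID, e.g. "dbadams".
        set cnid "sAMAccountName"
        # Base DN under which users are searched (placeholder domain).
        set dn "dc=example,dc=com"
        # Regular bind: a service account performs the user lookup first.
        set type regular
        set username "cn=svc-fortigate,cn=Users,dc=example,dc=com"
        set password <bind-account-password>
    next
end
```

If `cnid` is left at `cn` and the user types their login ID, the lookup finds no matching entry and the login fails even though the password is correct.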
Hey man, great guide, damn!
Hello. I have a chassis that doesn't support LDAP/TACACS but supports SSO. Can I integrate LDAP and SSO??
Hi Devin, do you have any tutorials regarding adding printers under LDAP in Windows Server 2016? Your reply is very much appreciated.
Hey Jason, just got done recording a possible solution for you. You can find it here: ua-cam.com/video/ivrJ-GIGrx8/v-deo.html Hope it helps.