Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MFerrara
New Contributor

User AD disable can connect to VPN

Hi, 

I have configured FortiClient on my pc no in domain.

I create a test user and disabled it to the AD.

 

If I try to connect to VPN with disable user the connection is established.

If I remove the disable user from group VPN the connection isn't established

 

I have 4 DC and one Collector Agent installed and replicate correctly.

 

I have 4 groups:

VPN_FASTWEB

Navigation_LDAP_Std

Navigation_LDAP_Full

Navigation_FSSO_Std

Navigation_FSSO_Full

 

Can help me please?

Thanks.

1 REPLY 1
MFerrara
New Contributor

I have a strange malfunction, with the use of SSL-VPN and LDAP authentication. The user is part of the VPN_Fortigate group, which grants him access to the VPN. If I remove the user from the VPN_Fortigate group, the user does not connect. If, on the other hand, only the user in AD is disabled (without removing it from the VPN_Fortigare group), the user is able to log into the SSL-VPN. How does this happen?

Labels
Top Kudoed Authors