LDAPs and SSL Problem

Author
Tanguy
2020/09/28 06:49:40

Hi,
 
I tried to configure my LDAP authentication using a CA certificate.
Test Connectivity is successful, and so is Test User Credentials.
Before, my VPN worked fine. I deleted my user (first from the group), then I recreated it. No problem, I can browse LDAP.
I didn't change anything on my client. I waited a few minutes before trying. But every time it fails at 80%, and looking at the logs (Events, VPN) it says:
Reason sslvpn_login_unknown_user
Tried on another Fortinet, same result.

What am I doing wrong?
 
Note: I followed
https://docs.fortinet.com/document/fortigate/6.2.2/cookbook/688719/ssl-vpn-with-ldap-user-password-renew
https://www.infosecmonkey.com/2019/04/20/secure-ldap-and-ad-password-change-via-forticlient/
 
Thanks!
#1


    boneyard
    2020/10/04 00:28:39
    what do you mean with deleted your user? 
     
    is the user or usergroup still allowed on the sslvpn firewall policy?
    #2
    Tanguy
    2020/10/04 12:15:01
    It means I unregistered it and registered it back by browsing LDAP.
    #3
    boneyard
    2020/10/10 00:10:48
    ok, not sure if that has any effect
     
    and .. is the user or usergroup still allowed on the sslvpn firewall policy?
    #4
    Tanguy
    2020/10/11 23:09:25
    If I change using LDAP without SSL it works... But I need it for the renew password option
    post edited by Tanguy - 2020/10/12 04:16:55
    #5
    boneyard
    2020/10/16 04:42:28
    #6
    bbilut
    2020/10/19 08:39:27
    Did you upload your domain's CA to the firewall? (I'm assuming you're using a Windows Domain as your LDAP source)
    #7