Hi All,
This is my first post, so I hope I'm doing it the correct way.
I have a client VPN; client authentication is configured with multiple servers (members), which are configured in the user groups. I'm unable to find any info which shows how the timeout works between the servers in the list, i.e. if I have 3 servers listed as below and server 1 is not reachable, what is the timeout before users are authenticated to server 2?
Server1
Server2
Server3
Firewall: Fortinet1200D.
Hi,
and welcome to the forums.
You didn't mention it, so I am assuming you are talking about LDAP servers.
The timeout settings are set in config system global, that is, in the CLI.
Have a look here: https://kb.fortinet.com/k....do?externalID=FD48351
That's great thank you.
We have a RADIUS server and LDAP.
The config system global output shows 'set remoteauthtimeout 30', but does not show 'set ldapconntimeout'. I assume this is because we are using the default LDAP time of 500ms.
So if there is no response from RADIUS within 30s, the LDAP server will be used.
Thanks again.
Two hints:
- yes, this setting is there. You probably issued a "show", which only shows settings different from the default value. Use "show full" to see all options.
Please note that the default LDAP timeout value is 500 milliseconds (the other setting is in seconds).
- 30 sec timeout on RADIUS is quite a lot. I would expect a reply in at most 1-2 seconds.