• Anthony Thomas

    I have a site-to-site IPSec VPN with an Active Directory on one side.
    On the AD side, the FortiGate appliance can query the LDAP directory.
    On the other side, I can’t join the AD and as a consequence, I can’t query the LDAP.

    I use the LDAP for client-to-site VPN connection and would like to allow users to have the same authentication on all sites.

    There is maybe a rule in the policy that needs to be added but the FortiGate itself has no “interface” that can be used.

    Could you help me?

    Thank you very much for any help.

    • IcanHelp

      On the other site, on the FortiGate, using the CLI you can set the source-ip to one that is authorized in the VPN tunnel:

      config user ldap
          edit "ldapserver"
              set server "x.x.x.x"
              set source-ip <- change the source IP to the LAN IP
          next
      end

  • raja yadav

    How to disable multiple logins and allow a single user/group 2/3 no. of logins on the firewall 500D?

  • Oliver Saywell


    Do you have a cookbook for configuring the SSL VPN tunnel with LDAP authentication?


  • Thomas Joyce

    I wish to list the users who have NOT used VPN in the last 60 days. If they’ve used it SSL or IPSEC