Awesome video, thank you! Just wanted to mention that I was able to log in to the SSL VPN portal but not to the LAN resources. Enabling NAT in the firewall policy fixed that issue.
Hi, I have a question: how do I set up the SSL VPN so that users connect to the VPN through an FQDN instead of an IP?
This worked perfectly for me. Thank you for the detailed direction.
Hi, may I know what FW version is running in your test environment? I can't import the CA certificate; I'm getting the error "Incorrect certificate file format for CA/LOCAL/CRL/REMOTE cert." 😢
How can I make the VPN connect only through domain laptops, not personal laptops or phones?
Hi, how do I get the self-signed file in Server-Certificate?
Dear PeteNet, maybe you know how to configure inactivity shutdown after 10 min of inactivity? Thank you.
Hi there, how can I find the tutorial where you prepared the Windows Server roles: Certification Authority and NPS? Thank you!
You won't need all that unless using RADIUS. LDAP/S works direct from firewall to the DC.
@Single_moms_suck_at_life You need a CA for LDAP over SSL (LDAPS) to work. On the other hand, LDAP doesn't need a CA.
@gercast82 Not if you point the client to the SSL port (636) and pre-accept the cert or turn off cert verification on the client. Who knows when MS CA is gonna crap the bed? This still keeps cleartext creds off the wire.
The sound is really bad, but the most important information about the LDAP server configuration on the FortiGate is to use the FQDN of your LDAP server and not its IP address, as the certificate doesn't have the IP but the FQDN.
Very nice instructions. I used it verbatim.
Thank you for such a detailed instruction.