Awesome video, thank you! Just wanted to mention that I was able to log in to the SSL VPN portal but not to the LAN resources. Enabling NAT in the firewall policy fixed that issue.
The sound is really bad, but the most important information about the LDAP server configuration on the FortiGate is to use the FQDN of your LDAP server and not its IP address, as the certificate doesn't have the IP but the FQDN.
Hi, may I know what FW version is running in your test environment? I can't import the CA certificate; I'm getting the error "Incorrect certificate file format for CA/LOCAL/CRL/REMOTE cert." 😢
This worked perfectly for me. Thank you for the detailed direction.
Hi, I have a question: how do I set up the SSL VPN so that users connect to the VPN through an FQDN instead of an IP?
Thank you for such a detailed instruction.
Very nice instructions. I used it verbatim.
Dear PeteNet, maybe you know how to configure inactivity shutdown after 10 min of inactivity? Thank you.
How can I make the VPN connect only through domain laptops, not personal laptops or phones?
Hi, how do I get the self-signed file in Server-Certificate?
Hi there, how can I find the tutorial where you prepared the Windows Server roles: Certification Authority and NPS? Thank you!
You won't need all that unless using RADIUS. LDAP/S works direct from firewall to the DC.
@Single_moms_suck_at_life You need a CA for LDAP over SSL (LDAPS) to work. On the other hand, LDAP doesn't need a CA.
@gercast82 Not if you point the client to the SSL port (636) and pre-accept the cert or turn off cert verification on the client. Who knows when MS CA is gonna crap the bed? This still keeps cleartext creds off the wire.