Friday, 21 June 2013

Fortinet PPTP VPN with LDAP authentication

With a somewhat fundamental documentation failure, it looks like FortiGate PPTP VPN do not support CHAP/MSCHAPv2 when you are authenticating your user groups via LDAP. According to Fortinet - this is something they're aware of and works using PAP. When I spoke with them this morning, I advised this is unacceptable as a workaround because it disables encryption! I'll update this when I get a real solution.

Update: Official answer, it's not supported. . I guess the solution is to use FortiClient (or Check Point...)


  1. As we work our way through Virtual Private Networks and how they can be used to guarantee that Internet security is never traded off, it's vital to recognize the contrast amongst VPNs and Proxy Servers.