Friday, 21 June 2013

Fortinet PPTP VPN with LDAP authentication

With a somewhat fundamental documentation failure, it looks like FortiGate PPTP VPN do not support CHAP/MSCHAPv2 when you are authenticating your user groups via LDAP. According to Fortinet - this is something they're aware of and works using PAP. When I spoke with them this morning, I advised this is unacceptable as a workaround because it disables encryption! I'll update this when I get a real solution.

Update: Official answer, it's not supported. . I guess the solution is to use FortiClient (or Check Point...)