Description
This articles describes how to fix the issue when LDAP users cannot connect with Windows L2TP native client.
Solution
LDAP user authentication is supported for PPTP, L2TP, IPsec VPN, and firewall authentication but due to point-to-point protocol limitations, only PAP (Packet Authentication Protocol).
As Windows native client uses MSCHAP or MSCHAPv2 by default, it is possible to change it to PAP: in Security tab of L2TP connection setting, select 'Advanced', select 'Settings', enable 'Unencrypted password PAP' and select 'OK'.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.