Can't connect LDAP Server to Fotigate Firewall

Alex Shundrin 20

I have two Firewall one in Israel second in Europe
Our LDAP server placed on AzureCloud.eastasia Server. FW from IL have connection to LDAP and all works fine.
When im trying to connect FW from Europe it's don't find it, FW don't get receive from LDAP server.

Can it be because of bad route between Europe and east Asia hosts ?

Chris Hailes 80 Reputation points

2023-11-01T05:55:45.9533333+00:00
Alex,

Here are a few things that I would check:

Virtual Network Peering between the two Virtual networks used in this solution.

Network Interface - Effective Routes (which you can see from the VM Network Interface)

If you can validate that the two networks can see each other than you would need to review and NSG's associated on either side.

Just my two cents
KapilAnanth-MSFT 46,776 Reputation points Microsoft Employee

2023-11-01T09:15:21.0233333+00:00
@Alex Shundrin

Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

From my understanding,

You have a VM in Azure acting as Firewall (NVA)

One in Israel, One in Europe

You have a VM acting LDAP server in East Asia

Connection between the NVAVmIsrael and LDAPserverEastAsia is working fine

However, Connection between the NVAVmEurope and LDAPserverEastAsia is not working.

Please correct me if I am wrong.

Can you please share the network architecture your environment?

Is the VNET of NVAVmEurope and LDAPserverEastAsia peered?

How are you testing the connectivity?

Are you using ICMP Ping or TCP Ping?

Cheers,

Kapil
KapilAnanth-MSFT 46,776 Reputation points Microsoft Employee

2023-11-02T08:42:05.0633333+00:00

@Alex Shundrin

Could you please provide an update on this post?

Kindly let us know if this helps or you need further assistance on this issue.

Thanks,

Kapil
KapilAnanth-MSFT 46,776 Reputation points Microsoft Employee

2023-11-03T06:12:13.88+00:00

@Alex Shundrin

Reaching out to check if there are any questions on this.

Please let us know if we can be of any further assistance here.

Thanks,

Kapil
Alex Shundrin 20 Reputation points

2023-11-05T10:21:36.7533333+00:00

HI, we solved issue, it was related to Network rules in Azure.
In tab " Network security groups " i added FW IP to whitelist and got the connection.
KapilAnanth-MSFT 46,776 Reputation points Microsoft Employee

2023-11-06T06:34:33.6666667+00:00

@Alex Shundrin

Thanks for the info.

Accepting one's own answer is not supported in Q&A as of now.

I shall summarize the comments and post it as a new answer.

I would highly appreciate if you could Accept the answer and close this thread. Original posters help the community find answers faster by identifying the correct answer.

Thanks,

Kapil

Accepted answer

KapilAnanth-MSFT 46,776 Reputation points Microsoft Employee

2023-11-06T06:36:15.9466667+00:00
@Alex Shundrin

Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

From my understanding,

You have a VM in Azure acting as Firewall (NVA)

One in Israel, One in Europe

You have a VM acting LDAP server in East Asia

Connection between the NVAVmIsrael and LDAPserverEastAsia is working fine

However, Connection between the NVAVmEurope and LDAPserverEastAsia is not working.

I suggested to check

Is the VNET of NVAVmEurope and LDAPserverEastAsia peered?

Test the connectivity:

Using ICMP Ping or TCP Ping

Meanwhile, you informed us, you whitelisted the FW IP the connection started working.

Thanks,

Kapil

Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.
Please sign in to rate this answer.

0 comments No comments
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.

Share via

Can't connect LDAP Server to Fotigate Firewall

0 additional answers

Your answer