What IPs do I use in my firewall rule to allow LDAP / LDAPs traffic to my LDAP / Active Directory Server?

FAQ: What IPs do I use in my firewall rule to allow LDAP / LDAPs traffic to my LDAP / Active Directory Server?

In order to be able to import users from an LDAP or Active Directory, the Security Awareness and Training Service must be allowed to access the server. Before this can be done, in most cases, this requires creating a firewall rule to allow traffic in. 

For the Fortinet Security Awareness and Training Service, you should create a firewall rule to allow traffic from the following IPs:

44.199.89.48

23.23.99.234

For the Fortinet Phishing Simulation Service, you should create a firewall rule to allow traffic from the following IPs:

66.35.26.19

If you would like assistance testing your firewall rule, Directory conectivity and LDAP filters, you can also request the IP address of one of our Deployment coordinators. Temporarily adding their IP will allow them to verify all settings and assist in troubleshooting the configuration.

You can further limit this traffic to the port that your LDAP or Directory server listens on (and that is configured both on the Directory Server and Security Awareness and Training Service).  Please check with your Directory Administrator to determine the listen port for your Active Directory.  The registered industry standard/default ports are:  LDAP:  389  /  LDAPS: 636