Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            (V3.x) What IPs do I use in my firewall rule to allow LDAP / LDAPs / SMTP traffic to my LDAP / Active Directory Server / SMTP Gateway(s)?

            Modified on Tue, 22 Oct at 4:54 PM

            FAQ: What IPs do I use in my firewall rule to allow LDAP / LDAPs / SMTP traffic to my LDAP / Active Directory Server / SMTP Gateway(s)?


            In order to be able to import users from an LDAP or Active Directory, the Security Awareness and Training Service must be allowed to access the server. Before this can be done, in most cases, this requires creating a firewall rule to allow traffic in. 

            For the Fortinet Security Awareness and Training Service, you should create a firewall rule to allow traffic from the following IPs:

            If you selected to store your data in the US when you initialized your service, then use these IPs:

            54.69.233.204

            35.165.54.209

            35.81.112.57


            For the Fortinet Phishing Simulation Service, you should create a firewall rule to allow traffic from the following IPs:

            154.52.1.119


            If you selected to store your data in EMEA when you initialized your service, then use these IPs:

            3.77.188.254

            35.157.179.181

            18.194.82.115


            For the Fortinet Phishing Simulation Service, you should create a firewall rule to allow traffic from the following IPs:

            154.52.1.119


            If you do not know what option you selected, you can open a ticket by emailing infosec_support@fortinet.com with a subject of:  Please provide my user data storage country.


            If you would like assistance testing your firewall rule, Directory conectivity and LDAP filters or SMTP settings, you can also request the IP address of one of our Deployment coordinators. Temporarily adding their IP will allow them to verify all settings and assist in troubleshooting the configuration.


            You can further limit this traffic to the port that your LDAP or Directory / SMTP Gateway(s) server(s) listen on (and that is configured both on the Directory Server and Security Awareness and Training Service).  Please check with your Directory administrator / email administrator to determine the listen port for your Active Directory / SMTP servers.  The registered industry standard/default ports are:  LDAP:  389  /  LDAPS: 636 / SMTP: 25

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0