Technical Note: FortiGate and Palo Alto Single Sign On stop working after upgrade
Description
FortiGate RSSO and Palo Alto Single Sign On (SSO) stop working after upgrading appliance.
Scope
Version: 8.5 and above
Solution
FortiGate RSSO and Palo Alto Single Sign On (SSO) stop working after upgrading appliance.
Scope
Version: 8.5 and above
Solution
Due to a change in functionality with the introduction of Logical Networks, a Network Access Policy match is required for the user-id to be sent to the firewall.
Create a Network Access Policy to match hosts and assign the appropriate network access. For instructions, refer to section Network Access Policies of the Administration Guide in the Fortinet Document Library.
Note: See related KB article below for a known limitation with Logical Networks.
For integration instructions, refer to the following reference manuals in the Fortinet Document Library:
Related Articles
Technical Note: User ID information not sent to Palo Alto using logical networks