FAC/FSSO Ip address conflict

Forum|Forum|2 months ago
March 27, 2026
2 replies
142 views

Hi,

I use the FortiClient Single Sign-On Mobility Agent and I am facing an issue: FAC registers all user IP addresses.
Let’s consider two users: one connected remotely through VPN and one connected from the corporate LAN. The home network IP address of the remote user overlaps with the IP address of the user in the corporate LAN. As a result, one of the users is removed from FortiGate/FAC with the following error:
Internally logoff and removing FortiClient item 11024-HR.xxx.xxx:192.168.12.26 [xxx.xxx/j**bleep**h] (all IPs conflicting).
I believe that during the initial FAC/EMS configuration I chose the option to register all IP addresses, but now I cannot find this setting. I am not sure whether I am simply overlooking it or whether it disappeared after an update.
How should this be handled?

Regards,

Lukasz

AEK

SuperUser

Hi Lukis

If you use VPN then you need to enable "Share all FortiClients" in EMS under menu "security fabric devices", since the FGT is not the gateway of you clients.

AEK

lukis2Author

New Member

Here is my configuration:

AEK

SuperUser

The config looks fine.

Honestly I don't know if this can be fixed from EMS/FAC side. And I don't see another clean solution than resolving the IP conflict.

AEK

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded