Help
Cybersecurity Forum

This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.

paul_woods
New Contributor

Created on ‎12-01-2017 03:26 AM

Forigate 300D with 5.4.5 - how do you assign AD groups to security/Web filtering policies?

Hello,

We are configuring our first Fortigate 300D with FortiOS 5.4.5.

We need to know how to assign MS AD groups - we have connected AD to the firewall - to security/Web filtering policies, so we can have multiple filtering policies applied at a time because one of these is domain users they would overlap?

Thanks in anticipation of your help or pointing me in the right direction for documentation,

Paul

Labels:
261
0 Kudos
3 REPLIES 3
chtal1980
New Contributor

Created on ‎12-11-2017 04:24 AM

https://docs.fortinet.com/uploaded/files/2808/fortigate-authentication-54.pdf

246
0 Kudos
makco10
Contributor II

Created on ‎07-20-2018 11:06 AM

Hello,

Check this link: Single Sign-On using LDAP and FSSO agent in advanced mode (Expert) - Fortinet Cookbook
Fortinet Cookbook remove preview
Single Sign-On using LDAP and FSSO agent in advanced mode (Expert) - Fortinet Cookbook
This recipe illustrates FortiGate user authentication with FSSO. In this example, user authentication controls Internet access and applies different security profiles for different users. 1. Integrating the FortiGate with the LDAP server Go to User & Device > Authentication > LDAP Servers to configure the LDAP server. 2.
View this on Fortinet Cookbook >



------------------------------
Marcos Avila [Designation]
Ingeniero de Soporte
[CompanyName]
[City] [State]
[Phone]
------------------------------
Defend Your Enterprise Network With Fortigate Next Generation Firewall
Defend Your Enterprise Network With Fortigate Next Generation Firewall
246
0 Kudos
DeepKuma2
Contributor

Created on ‎07-21-2018 12:00 AM

Hi,

Q: we can have multiple filtering policies applied at a time because one of these is domain users they would overlap?
Ans: Firewall policies will work on top to down order list. If the first policy will match with the source, destination, services etc then it will not check any other policies. 

I am not sure, how are you going to configure the AD authentication? But the best method as SSO (Single Sign-on). 

https://docs.fortinet.com/uploaded/files/1675/providing-Single-Sign-On-for-Windows-AD-with-a-FortiGa...


Single Sign-On using LDAP and FSSO agent in advanced mode (Expert) - Fortinet Cookbook

Fortinet Cookbook remove preview
Single Sign-On using LDAP and FSSO agent in advanced mode (Expert) - Fortinet Cookbook
This recipe illustrates FortiGate user authentication with FSSO. In this example, user authentication controls Internet access and applies different security profiles for different users. 1. Integrating the FortiGate with the LDAP server Go to User & Device > Authentication > LDAP Servers to configure the LDAP server. 2.
View this on Fortinet Cookbook >








------------------------------
Deepak Kumar
[CompanyName]
[City]
------------------------------
Deepak Kumar First Option General Trading LLC Dubai
Deepak Kumar First Option General Trading LLC Dubai
246
0 Kudos
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.