Description
This article describes how FortiAuthenticator can sometimes display duplicate and disconnected DC Agents.
Scope
FortiAuthenticator
Solution
FortiAuthenticator can sometimes display duplicate DC Agents under Monitor -> SSO -> DC/TS Agents.
Some of the duplicate entries may show as disconnected.
This is caused by the following:
- When a DC Agent sends a logon event to FortiAuthenticator, FortiAuthenticator will on occasion try to look up the DC Agent host’s hostname.
- It will do a reverse lookup for the DC Agent source IP.
- If this is successful, it will add a DC Agent entry to its table with the hostname.
- If this fails, it will add a DC Agent entry to its table with the IP.
If the reverse DNS lookup fails at first and later succeeds, or vice versa, FortiAuthenticator ends up with two DC Agent entries for the same host, one of which may show as disconnected.
Pointing both DNS server entries (under System -> Network -> DNS) to an internal DNS server can reduce occurrences of this issue.
Deleting the DC Agents and waiting for FortiAuthenticator to add them back as new DC Agent traffic arrives will also temporarily resolve the issue.
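To find which DC Agent hosts are prone to this, the following added example (not Fortinet code, and not part of the original article) repeats the reverse lookup for each agent IP against each configured DNS server and flags any IP that yields more than one table key. It assumes `dig` is installed for live use; the IP addresses, hostnames and the `sample_lookup` helper are constructed for illustration.

```python
import subprocess

def dig_ptr(ip, server, timeout=2):
    """Reverse-resolve ip against one DNS server using dig; hostname or None."""
    cmd = ["dig", "-x", ip, f"@{server}", "+short", f"+time={timeout}", "+tries=1"]
    try:
        out = subprocess.run(cmd, capture_output=True, text=True,
                             timeout=timeout + 3).stdout
    except (OSError, subprocess.TimeoutExpired):
        return None  # dig missing or hung: treat as a failed lookup
    # Skip ";;" diagnostics (e.g. timeouts); the last line is the PTR target.
    names = [line.rstrip(".").lower() for line in out.splitlines()
             if line.strip() and not line.startswith(";")]
    return names[-1] if names else None

def predict_entries(agent_ips, dns_servers, rounds=3, lookup=dig_ptr):
    """For each DC Agent IP, collect every table key the lookups could yield."""
    entries = {}
    for ip in agent_ips:
        keys = set()
        for _ in range(rounds):
            for server in dns_servers:
                # Behaviour described above: hostname on success, IP on failure.
                keys.add(lookup(ip, server) or ip)
        entries[ip] = keys
    return entries

def duplicate_risk(entries):
    """IPs that map to more than one key, i.e. likely duplicate DC Agent rows."""
    return sorted(ip for ip, keys in entries.items() if len(keys) > 1)

# Constructed sample data: the internal resolver knows both agents,
# the second resolver only has a PTR record for dc02.
SAMPLE_PTR = {
    ("192.0.2.10", "192.0.2.53"): "dc01.corp.example",
    ("192.0.2.11", "192.0.2.53"): "dc02.corp.example",
    ("192.0.2.11", "198.51.100.53"): "dc02.corp.example",
}

def sample_lookup(ip, server):
    return SAMPLE_PTR.get((ip, server))

if __name__ == "__main__":
    # Offline demo; drop lookup= to query the real servers through dig.
    result = predict_entries(["192.0.2.10", "192.0.2.11", "192.0.2.12"],
                             ["192.0.2.53", "198.51.100.53"], lookup=sample_lookup)
    for ip, keys in result.items():
        print(ip, sorted(keys), "DUPLICATE RISK" if len(keys) > 1 else "ok")
```

An IP that never resolves is reported as consistent, because FortiAuthenticator would only ever record it by IP; the duplicates come from hosts whose lookup result changes between attempts or between the two DNS servers.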
Copyright 2024 Fortinet, Inc. All Rights Reserved.