Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ddabhade
Staff
Staff

Created on ‎10-28-2022 03:30 AM

Article Id 228205

Technical Tip: Kerberos authentication is not supported for FTP Explicit proxies, use possible alternatives

Description This article explains how Kerberos Authentication is not supported for FTP Explicit proxies and suggests alternative authentication methods.
Scope FortiGate, FortiProxy.
Solution

Explicit proxies in FortiGate can use a Kerberos-enabled external server for authentication, as detailed in the Explicit proxy authentication section of the FortiGate Cookbook. However, FTP explicit proxies do not support Kerberos authentication.

 

If IP-based authentication is enabled, FTP explicit proxies support basic authentication and SSO-based authentication methods, such as FSSO and RSSO. If IP-based authentication is not enabled, only basic authentication is supported.

Consider using one of these authentication methods instead, based on your proxy setup.

 

See the Explicit proxy authentication section in the FortiGate Cookbook for more information about explicit proxies, or the FTP proxy section for more information about FTP proxies. 
495
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.