FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article explains how Kerberos Authentication is not supported for FTP Explicit proxies and suggests alternative authentication methods.
Explicit proxies in FortiGate can use a Kerberos-enabled external server for authentication, as detailed in the Explicit proxy authentication section of the FortiGate Cookbook. However, FTP explicit proxies do not support Kerberos authentication.
If IP-based authentication is enabled, FTP explicit proxies support basic authentication and SSO-based authentication methods, such as FSSO and RSSO. If IP-based authentication is not enabled, only basic authentication is supported.
Consider using one of these authentication methods instead, based on your proxy setup.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.