FortiGate
Somashekara_Hanumant
Staff & Editor
Article Id 410150
Description: This article describes how the username of an FSSO logged-on domain user appears next to the source IP address in forward traffic logs, even when the firewall policy that matches the traffic does not select any FSSO user or user group (that is, the policy itself does not authenticate the user).
Scope: FortiGate, FSSO, Log.
Solution

To achieve this, FSSO must first be configured on the FortiGate so that it receives logon events from the FSSO collector agent (or DC agent) on the domain:

[Screenshot: fsso.JPG, FSSO agent configuration on the FortiGate]

 

Once FSSO is running, whenever a domain user logs on to a workstation, the domain controller logon event is forwarded to the FortiGate and the user/IP mapping is added to its FSSO logon list. The learned users can be listed with the following command (in a VDOM-enabled setup, run it from the relevant VDOM):

 

diagnose debug authd fsso list

IP: 10.108.3.14 User: NSE8-USER2 Groups: CN=NSE8-USER2,CN=USERS,DC=DXB-NSE8,DC=LAB+CN=USERS,DC=DXB-NSE8,DC=LAB+CN=DOMAIN USERS,CN=USERS,DC=DXB-NSE8,DC=LAB+CN=NSE8GRP,CN=USERS,DC=DXB-NSE8,DC=LAB+CN=USERS,CN=BUILTIN,DC=DXB-NSE8,DC=LAB Workstation: 10.108.3.14 MemberOf: CN=DOMAIN USERS,CN=USERS,DC=DXB-NSE8,DC=LAB CN=NSE8GRP,CN=USERS,DC=DXB-NSE8,DC=LAB CN=USERS,CN=BUILTIN,DC=DXB-NSE8,DC=LAB

 

Next, configure a firewall policy that allows traffic from the internal interface to the external ISP interface, with no FSSO user or user group selected under the Source options, and with logging of allowed traffic enabled (without it no forward traffic log is written).

[Screenshot: logs.JPG, forward traffic log showing the FSSO username for the source IP]

With this policy in place, the forward traffic log for a session from 10.108.3.14 shows NSE8-USER2 and its groups in the user and group fields, although the policy does not select any FSSO user or group: when the log entry is written, the FortiGate resolves the source IP against the FSSO logon list shown above. This is visibility only, not enforcement. The policy does not require authentication, so traffic from an IP address with no FSSO logon entry is still allowed and is simply logged without a username; to restrict access to identified users, select the FSSO group in the policy source.
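The CLI equivalent of the two GUI steps above (FSSO agent definition and the policy with no FSSO user or group selected), followed by the verification commands. This is an added example, not configuration taken from the article; the collector address, password, interface names, policy ID and the source IP used in the log filter are assumed values.

```fortios
# Added example, not from the original article.
# Assumptions: collector agent at 10.108.3.10 with password "collector-pw",
# LAN interface port2, ISP interface port1, policy ID 10.

# 1. FSSO agent: the FortiGate receives logon events from the collector agent.
config user fsso
    edit "DXB-NSE8-Collector"
        set server "10.108.3.10"
        set password collector-pw
    next
end

# 2. Firewall policy, internal to ISP, with no FSSO user/group in the source.
#    "set logtraffic all" is what produces the forward traffic log entries.
config firewall policy
    edit 10
        set name "Internal-to-ISP"
        set srcintf "port2"
        set dstintf "port1"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "ALL"
        set logtraffic all
        set nat enable
    next
end

# 3. Verification: FSSO logon list, then forward traffic logs for one source IP.
#    The user= and group= fields of the displayed entries carry the FSSO identity.
diagnose debug authd fsso list
execute log filter category 0
execute log filter field srcip 10.108.3.14
execute log display
```

If the source IP is not in the `diagnose debug authd fsso list` output (for example because the collector agent has not seen a logon for it), the log entry for that policy is still written, but with an empty user field.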