Help
FortiManager
FortiManager supports network operations use cases for centralized management, best practices compliance, and workflow automation to provide better protection against breaches.
Nur
Staff
Staff

Created on ‎08-14-2023 02:18 AM Edited on ‎08-14-2023 02:23 AM By Moderator

Article Id 268745

Technical Tip: Configuring FSSO from FortiManager

Description

This article describes how to configure FSSO from FortiManager and push the configuration to FortiGate.
Scope FortiManager and FSSO.
Solution

Refer to the steps below.

 

  1. Fabric View -> Create new fabric connector.
  2. Assign the AD IP Address -> FSSO Password -> default port 8000.

FSSO:

 

2.JPG

 

  1. When choosing the collector agent, there are two types the user/group will display. The setting can be viewed from the 'set directory access' information.

5.JPG

 

'Standard' show the mydomain/mygroup.

'Advanced' shows the LDAP Distinguished Name.

The following screenshot from a lab test shows the standard settings:

 

3.JPG

 

Before selecting Ok, ensure the FortiManager is able to poll a list from FSSO by selecting 'apply & refresh'.

 

  1. After, create the following objects to assign to the policy rules.

policy.JPG

 

  1. From FortiGate, the FSSO object can be seen.

11.JPG

 

  1. Verify from the FSSO side as it displays the FortiGate information and not the FortiManager information.

 

12.JPG
941
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.