Help
FortiSwitch
FortiSwitch: secure, simple and scalable Ethernet solutions
laltuzar
Staff
Staff

Created on ‎09-07-2023 10:15 PM Edited on ‎01-17-2024 09:37 AM

Article Id 272705

Technical Tip: Error on FortiSwitch GUI 'Forbidden You don't have permission to access this resource. Reason: Cannot perform Post-Handshake Authentication'

Description

This article describes how to fix the error appearing from time to time to users who upgraded FortiSwitches to 7.4.0 or earlier and started to get the error:

'Forbidden
You don't have permission to access this resource. Reason: Cannot perform Post-Handshake Authentication'
Scope

FortiSwitch OS 7.4.0 or above.
Solution

Disable strong crypto, then reboot the FortiSwitch:

 

config system global
set strong-crypto disable
end

 

If the issue persists, try to set the FortiSwitch TLS version to 1/1/1.2 as follows:

 

config system web
set https-ssl-versions tlsv1-1 tlsv1-2
end

 

For Firefox, it is possible to fix it in 'about:config', and set 'security.tls.enable_post_handshake_auth' to 'true'.

 

This procedure might help also for errors where the GUI is accessible, The user can log in successfully and the dashboard is shown correctly but when navigating through the GUI to other menus, there is an error as shown below.

 

User can log in correctlyUser can log in correctly

 

Dashboard is shown correctlyDashboard is shown correctly

 

Issue after trying to navigate through GUIIssue after trying to navigate through GUI

 

2478
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.