AD with fortinet integration not working
Firewall_Robot # exec telnet 10.69.73.2 8000
Trying 10.69.76.2...
Timeout!
Failed to connect to specified unit.
Console line is in use. Clear it before next try.
Can I change the port? Anybody with a solution, please send it.
- Labels: FortiConnect

Hi,
What is the IP address 10.69.73.2 and the port number 8000?
Are you trying to set up LDAP? Can you elaborate more on your issue?
Salon Raj Joshi

I installed the Forti Windows agent on my AD server and tried to use the external connector on my FortiGate firewall, but the status remained down. I have opened all ports on the AD server, but the Fortinet doesn't seem to connect. When I check the show service status on the AD, the FortiGate is not listed. I have changed the password multiple times.

Are you talking about FSSO?
Take the pcap on the FGT:
diag sniff packet any 'host x.x.x.x and port 8000' 4 0 l
(where x.x.x.x is the CA agent IP)
Further, try telnet too.
Refer:-
Salon Raj Joshi

2024-12-07 22:10:46.591094 internal out 10.68.78.1.8657 -> 10.69.73.2.8000: syn 2808678396
2024-12-07 22:10:50.601069 internal out 10.68.78.1.8657 -> 10.69.73.2.8000: syn 2808678396
This is my result from the test, but telnet gives me the first reply. What do you think is the issue?

From the capture we can clearly see that the traffic towards the server 10.69.73.2 is going out of the FGT, but we do not see a response coming back from the server. Also check if you are able to ping the server.
Salon Raj Joshi
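
The reading of the capture given in the reply above (SYN leaves the FGT, nothing comes back) can be automated over a longer sniffer log. This is an added example, not part of the original thread: it assumes SYN-ACK and RST lines follow the same layout as the SYN lines posted, and the last four sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Layout of one `diag sniff packet ... 4` line, taken from the lines in the thread.
LINE = re.compile(
    r"^\S+ \S+ (?P<iface>\S+) (?P<dir>in|out) "
    r"(?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) -> "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): (?P<flags>.*)$"
)

# First two lines are from the thread; the rest are constructed (assumed format).
SAMPLE = """\
2024-12-07 22:10:46.591094 internal out 10.68.78.1.8657 -> 10.69.73.2.8000: syn 2808678396
2024-12-07 22:10:50.601069 internal out 10.68.78.1.8657 -> 10.69.73.2.8000: syn 2808678396
2024-12-07 22:11:02.100000 internal out 192.0.2.1.9001 -> 192.0.2.10.8000: syn 1000
2024-12-07 22:11:02.100400 internal in 192.0.2.10.8000 -> 192.0.2.1.9001: syn 5000 ack 1001
2024-12-07 22:11:03.200000 internal out 192.0.2.1.9002 -> 192.0.2.20.8000: syn 2000
2024-12-07 22:11:03.200300 internal in 192.0.2.20.8000 -> 192.0.2.1.9002: rst 0 ack 2001
"""

def classify_handshakes(text):
    """Map (client_ip, client_port, server_ip, server_port) -> (syn_count, verdict).

    no_reply: SYNs sent, nothing returned (path, routing, or host firewall drop)
    refused:  server answered with RST (host reachable, nothing listening)
    open:     server answered with SYN-ACK (listener reachable)
    """
    syns, answers = defaultdict(int), {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m or not m["flags"].split():
            continue
        src = (m["src"], int(m["sport"]))
        dst = (m["dst"], int(m["dport"]))
        words = m["flags"].split()
        if words[0] == "syn" and "ack" not in words:
            syns[src + dst] += 1          # initial SYN or a retransmission
        elif dst + src in syns:           # reply to a SYN we already saw
            if words[0] == "syn":
                answers.setdefault(dst + src, "open")
            elif words[0] == "rst":
                answers.setdefault(dst + src, "refused")
    return {flow: (n, answers.get(flow, "no_reply")) for flow, n in syns.items()}

if __name__ == "__main__":
    for flow, (count, verdict) in classify_handshakes(SAMPLE).items():
        print(flow, count, verdict)
```

A `no_reply` verdict with a SYN count above one matches the capture in this thread: the FGT is retransmitting and the next place to look is the server side.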

The reason is because the FortiGate is not showing on the server. I have opened ports 8000, 8001, and 8002, which is a UDP port, but the FortiGate is not showing. Attached is the picture.

Hi,
It is a TCP port, not UDP: TCP 8000.
Further, please open TCP port 8000 and check.
Also, to confirm whether the issue lies on the FGT or the server, simultaneously take a capture on the server in Wireshark to see whether the SYN packet is being received from the FGT and whether the server is replying with a SYN-ACK.
Salon Raj Joshi

Hi @okorosylvester,
Please also run Wireshark on your AD server to make sure that the packets from the FGT are arriving on the server.
Jerry

This is the error I get from Wireshark. I need assistance to know which port I need to open.