I need to configure the fsso agent in the organization. We have 6 locations, each fg is connected by IPSEC VPN, vlans. The FSSO is already configured in a FG. My question is if I have to configure the FSSO in each FG to be able to access the Internet per network user? Or you can use the FSSO that is configured in the main FG for all the other FGs. I have been looking for information, and it seems that you can use the IPSEC VPN. Has anyone done this setup?
You must configure FSSO on each of the six sites if you want user-based authentication for internet access across all six locations. Via the IPSEC connection between the Fortigate, you can link the Fortigate security fabric connectors to the collector agent server in HO.
Hello, thanks lazaro for your comments, what I am currently doing is using the fsso agent that I already have installed on my server and configuring it on my other firewall. I already have it set up and it's in sync, however it's not authenticating the groups. According to what I read in the communications, I notice that the current version of the agent is an old version, therefore I am proceeding to update the agent. since in my main firewall the groups do not authenticate either. Has something similar happened to you?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.