Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello, I think you have a certification inspection issue. try on bypass that URL from SSL Inspection.
check in Monitor > Firewall User Monitor and check whether that user is authenticate, if it is there so your authenticate with AD it is working.
the user is not there.
The is happening, is that after login the mac show a windows for me, where it's ordering the user and password my firewall and after fill out show error the connection with the firewall.
check whether "Redirect HTTP Port" to HTTPS is Enable in System > Settings, if yes please desable it and try on.
the user is connect in NTLM, but don´t in FSSO, where i can't surf internet.
Hi,
your initial screenshot points more towards SSL cert issues, probably due to deep inspection.
If you resolved that and your MAC is inside domain, but your AD logon is not seen in FSSO on FGT, like in 'diag debug auth fsso list' , or in firewall (this part is checked in policies) ' diag fire auth list'.
Then it might be caused by FGT not knowing about your user from FSSO.
Check if you do have connected Collector agent via ..
diag debug en diag debug authd fsso server-status
Also, standalone collector is able to set which logon events it is processing. As during logon to domain there is whole lot of events, like 15, and for FSSO is useful just one or two of those.
In the past I seen that MacOS computers generated 4624 EventId types during their authentication to domain.
Therefore make sure your standalone collector has Advanced Settings > General > Windows Security Event Logs > Event IDs to poll = "2".
If you not have standalone collector, usual and cheapest way, then maybe let us know with more details about your setup.
Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1705 | |
1093 | |
752 | |
446 | |
230 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.