Authentication failure on gui login (6.4) from other network

AndreasMoroder · ‎09-11-2023

Hello,

when I login to fortigate using firefox from the same network as the FW then it works.

When I try to login from a machine that is non another network ( also other port on the FW) then I get an authentication error. I even copied the firefox profile from the machine where it works to the other.

There is another firewall inbetween, but 443 and 80 are open.

Areother ports needed or does the default configuration limit the login from other networks?

Greetings

Andreas

----------------

pminarik · ‎09-11-2023

> then I get an authentication error

Can you share with us what that exact error is? A picture would be useful, as it may help us narrow down the possible reasons. Another thing you can do yourself: Immediately after failing again, log in in a way that works ("from the same network") and check the System Event log. If you find the failed login there, it may also tell you why the login failed.

[ corrections always welcome ]

View solution in original post

srajeswaran · ‎09-11-2023

Is there a trusted host configuration ?

ref: https://community.fortinet.com/t5/FortiGate/Technical-Tip-System-administrator-best-practices/t...

if the firewall in between is blocking connection, you won't get the login page itself( Here you are getting authentication error). You mentioned copied the profile, may be the passwords not synced correctly? Can you test a different/new username/password?

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

pminarik · ‎09-11-2023

> then I get an authentication error

Can you share with us what that exact error is? A picture would be useful, as it may help us narrow down the possible reasons. Another thing you can do yourself: Immediately after failing again, log in in a way that works ("from the same network") and check the System Event log. If you find the failed login there, it may also tell you why the login failed.

[ corrections always welcome ]

AndreasMoroder · ‎10-01-2023

Hello,

it was a policy that allowed login only from same network.

Greetings

Andreas

----------------

mle2802 · ‎09-11-2023

Hi there,

Are you able to reach login page on the other network? Can you please also check if trusted host is configured on your FortiGate and try to create another admin with simple password then try on other machine. Please also try other browser such as Chrome and incognito tab. Refer to this document for more information "https://community.fortinet.com/t5/FortiGate/Technical-Tip-System-administrator-best-practices/ta-p/1...

Best regards,

AndreasMoroder · ‎09-13-2023

Hello,

I can reach the login page but get this error. Edge and firefox give the same result.

Greetings

Andreas

----------------

srajeswaran · ‎09-13-2023

Do you type the password manually or its cached/saved on browser? Can you try creating a new user from working machine and test it ?

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

pminarik · ‎09-13-2023

Definitely check the system event log in this case. Hopefully it will clarify the reason well enough.

[ corrections always welcome ]