Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AndreasMoroder
New Contributor II

Authentication failure on gui login (6.4) from other network

Hello,

when I login to fortigate using firefox from the same network as the FW then it works.

When I try to login from a machine that is non another network ( also other port on the FW) then I get an authentication error. I even copied the firefox profile from the machine where it works to the other.

There is another firewall inbetween, but 443 and 80 are open.

Areother ports needed or does the default configuration limit the login from other networks?

 

Greetings

Andreas

 

----------------
----------------
1 Solution
pminarik
Staff
Staff

> then I get an authentication error

Can you share with us what that exact error is? A picture would be useful, as it may help us narrow down the possible reasons. Another thing you can do yourself: Immediately after failing again, log in in a way that works ("from the same network") and check the System Event log. If you find the failed login there, it may also tell you why the login failed.

[ corrections always welcome ]

View solution in original post

7 REPLIES 7
srajeswaran
Staff
Staff

Is there a trusted host configuration ?

 

ref: https://community.fortinet.com/t5/FortiGate/Technical-Tip-System-administrator-best-practices/t...

if the firewall in between is blocking connection, you won't get the login page itself( Here you are getting authentication error). You mentioned copied the profile, may be the passwords not synced correctly? Can you test a different/new username/password?

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

pminarik
Staff
Staff

> then I get an authentication error

Can you share with us what that exact error is? A picture would be useful, as it may help us narrow down the possible reasons. Another thing you can do yourself: Immediately after failing again, log in in a way that works ("from the same network") and check the System Event log. If you find the failed login there, it may also tell you why the login failed.

[ corrections always welcome ]
AndreasMoroder

Hello,

it was a policy that allowed login only from same network.

Greetings

Andreas

----------------
----------------
mle2802
Staff
Staff

Hi there,

Are you able to reach login page on the other network? Can you please also check if trusted host is configured on your FortiGate and try to create another admin with simple password then try on other machine. Please also try other browser such as Chrome and incognito tab. Refer to this document for more information "https://community.fortinet.com/t5/FortiGate/Technical-Tip-System-administrator-best-practices/ta-p/1...

Best regards,



AndreasMoroder
New Contributor II

Hello,

I can reach the login page but get this error. Edge and firefox give the same result.

 

Greetings

Andreas

 

 

 

 

fw.png

----------------
----------------
srajeswaran

Do you type the password manually or its cached/saved on browser? Can you try creating a new user from working machine and test it ?

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

pminarik

Definitely check the system event log in this case. Hopefully it will clarify the reason well enough.

 

logs_failed_admin_login.png

[ corrections always welcome ]
Top Kudoed Authors