We would like to be able to better identify users with our Fortigate, when we view FortiView, rather than just getting IP addresses to hunt down. Sometimes, the device name is shown, but not always and often I have to hit "Sources" under FortiView a second time for that to happen. If Fortigate can't do that , on it's own, is there another product or plug-in that would facilitate this ?
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I know this is an old thread, but things got busy at work.
Just to be clear, I do NOT want to have users login IN to the Fortigate. I want to be able to link to Active Directory and pull the data for identification. Besides wanting to see a user name of the person sending data through the firewall, we need to be able to link Active Directory groups to the Fortigate web filter profiles. That is how we have been using iBoss and want to replace that device with our Fortigate. As an example, we create a group in AD and assign users to it. That group is also listed in the iBoss as a group we can define web access policies to.
Hi. FortiOS version? Last 6.0.4 have bug in fortiview.
Currently on 6.02, but will hit the "Update" button soon.
Most docs I've found talk about authenticating with the Fortigate, but that is not my goal. I just want a way to link the logged in user to the IP so I know who to call when I see stuff I need to ask about.
Do you have identification set on the interface? I haven't played around lately in this and we have the same issues with Forcepoint NGFW where end-users only need USER-ID and not authentication. They a FUID solution that a bitch and bear to get up and running but works fair to good in most cases.
PCNSE
NSE
StrongSwan
You need to setup FSSO in fabric connectors (polling AD or fsso agent), add fsso group, and you can see logged on domain users in fortigate web console Monitor-Firewall User Monitor. Or by command "diagnose debug authd fsso list" in CLI console. If users auth not needed you must use ipv4 policy without groups in rules, just ip or networks in source.
I know this is an old thread, but things got busy at work.
Just to be clear, I do NOT want to have users login IN to the Fortigate. I want to be able to link to Active Directory and pull the data for identification. Besides wanting to see a user name of the person sending data through the firewall, we need to be able to link Active Directory groups to the Fortigate web filter profiles. That is how we have been using iBoss and want to replace that device with our Fortigate. As an example, we create a group in AD and assign users to it. That group is also listed in the iBoss as a group we can define web access policies to.
Hi, i have the same problem, i need Active Directory username in fortiview.
In France, the law imposes to be able to identify a person if it has committed an offense on the internet
Dear John_Williamson,
It's possible visibility AD users in fortigate ? I can visibility some users with AD name but not at all.
Dears,
I have a firewall fortigate 100 in the HQ with internal ip 172.16.17.254. I have a firewall in the field office with ip 172.16.30.254. I can ping from the field office to HQ but can ping from HQ to filed office. What might be cause
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1669 | |
1082 | |
752 | |
446 | |
226 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.