Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ArifS
Contributor

Can't send email from FortiAuth

I am getting following error when trying to test email from FortiAuth. It was working fine few weeks ago. The same username and password for smtp account work with printer.

Error: Unable to send a test email: Submitter failed to authenticate. Please check your server configuration.

 

 

9 REPLIES 9
akanibek
Staff
Staff

Dear @ArifS

you can try to make a packet capture and reproduce the issue. Seems like password has been changed. Could you cross-check password of using user?

Asset
ArifS
Contributor

I capture packet and opened in wireshark but dont know how to find where the errors are. It shows brown line for smtp communication though. I also tried another working smtp account and didnt work.

akanibek

Are you able to share outputs from PCAP file without private details? otherwise, here you can find SMTP succeeded pcap file and compare outputs:

https://wiki.wireshark.org/SampleCaptures

Asset
rbraha
Staff
Staff

Hi @ArifS 

 

Additionally try to restart radius service on FAC cli : diag authentication restart  and test again sending email.

ArifS
Contributor

I will restart FortiAuth tonight and see if it fixes the issue.

ArifS
Contributor

We found that issue related to TSL. The smtp server only support TLS 1.2 and above, so how can I enabled TLS 1.2.

akanibek

Dear @ArifS,

Which port do you use for SMTP, and do you use Secure Connection > STARTTLS?

Asset
LuccaDeacon
New Contributor

Review the server configuration on the email server side to ensure it allows authentication from FortiAuth. You can test the SMTP connection using another email client or utility to determine if the issue is specific to FortiAuth.

ArifS
Contributor

There is only two option, None and StartTLS.

The same smtp account works with other applications. I even tested with dell idrac after settings its web server to tsl 1.2. 

If I use port 587 with none or starttls, it does not work, but it works on port 25 with 'None' option.

 

Labels
Top Kudoed Authors