Hi,
I configured Fortigate (Fortios 6.2) as an explicite proxy with FSSO authentication, everything work well for the domain devices, but some employees still use laptops, that are not part of the Domain, and for this type of the devices the FSSO Auth dont work.
Is there a way to set up a secondary Auth as a backup for the first FSSO Authentication, by using authentication rules ?
Best regards
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
that's exactly what authentication rules/schemes/settings are meant for.
How about something like fallback to NTLM (or better to Kerberos but ATM I have none set)?
config authentication scheme edit "NTLM" set method ntlm set fsso-agent-for-ntlm "CollectorAgent" next edit "FSSO" set method fsso next end
config authentication setting set active-auth-scheme "NTLM" set sso-auth-scheme "FSSO" end
Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1692 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.