Not sure if this is the correct forum....
We are testing out the explicit proxy. We first tried using Digest auth (between the client and the FG) with LDAP to authetnicate the client. Doesn't work. Fortinet sort of acknowledges this is broke. :( BTW - you cannot enable Digest auth via the web interface as it gives an error, but you can enable it via the CLI.
Second, we tried using the portal page whereby users have to authenticate via a Fortigate webpage. We ran tcpdump/wireshark and observed that the users credentials were being passed in CLEAR TEXT from the user to the Fortigate. I'm not sure if this is the default behavior but.....anyway to force TLS for passing the credentials between the user and the Fortgate?
What is the deal with this product? Why in the world would they EVER think it's acceptable to pass credentials in CLEAR TEXT???
Tom
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.