Hi,
I configured Fortigate (Fortios 6.2) as an explicite proxy with FSSO authentication, everything work well for wired users with domain devices.
Is there a way to use FSSO to athenticate also Corporate Wifi Users already authenticated with 802.1x with an aruba controller ?
Best regards
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Yes, and usually is called RSSO.
All of 802.1x auth setups I saw relied on RADIUS authentication between end point and WLC (wireless controller) handling particular AP through which user connected. That WLC or RADIUS server can send RADIUS Accounting messages to FSSO Collector. Either to FAC (FortiAuthenticator), standalone FSSO Collector installed on DC, or FortiGate (FGT) handling RSSO/FSSO. Any of those 3 solutions then process RADIUS Accounting Start/Stop/Interim messages to create authenticated user either in FW (FGT) or as FSSO user record and distribute to connected FSSO clients/FortiGates (FAC/standalone Collector). Solution on FGT is slightly different as it is older then RADIUS to FSSO implemented in FAC/standalone Collector.
Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff
Hello everyone! I am precisely in a case that is related to the integration of FSSO-Radius Accounting (NPS). So as soon as it is finished I leave you the feedback for future cases
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1679 | |
1085 | |
752 | |
446 | |
226 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.