Hello forum,
We are using a FortiGate 100D (v5.2.3,build670 (GA)) and are trying to configure FSSO-polling to a Windows 2012 R2 AD.
We have configured LDAP (it works fine) and the connection status is successful. We are able to see the whole LDAP tree and LDAP authentication is working fine. We are using LDAP groups (for SSL VPN access).
But the problem comes when we try to create the FSSO server.
Using "diag debug fsso-polling detail" we get:
AD Server Status:
port=auto username=administrator
read log offset=0, latest logon timestamp: Thu Jan 1 03:00:00 1970
polling frequency: every 10 second(s) success(0), fail(1069)
LDAP query: success(0), fail(0)
LDAP max group query period(seconds): 0
most recent connection status: err: server can not be accessible
- We have tried with AD server firewall disabled and the user we are using is actually the built-in administrator account.
- We also tried to configure FSSO-polling with another AD (2003) and it is working fine.
Has anyone come across this problem with Windows 2012 R2 before?
Thanks for any suggestions in advance,
Yiannis
Hi,
Did anyone come up with a fix for the original poster's issue? I'm experiencing the exact same issue.
Cheers
Dylan
Would you consider upgrading to version 5.2.7?
Hi Heskez,
Yes, I would consider it if that's the only option. Has this been identified as a limitation of 5.2.3?
Cheers
Dylan
I don't know for sure, but we've experienced some trouble with FSSO in combination with 2012R2 with older firmware.
It's definitely worth checking the release notes.