Fortinet Community

jskinnerjr · ‎09-22-2022

Hello!

We use Fortinet FSSO to apply web content filtering.

When I log into the Domain Controller that has FSSO installed, it does not apply the web filtering to the user that is logged into that machine.

It works everywhere else, on our other domain controllers, 300 other machines, just not the one Domain Controller that FSSO is installed on.

Looking at the 'Currently Logon Users' list, it shows the user as logged in to other locations, as it should, and applies the filtering in those locations, but does not list that domain controller's IP for that user, so it doesn't seem to know the user is logged into the Domain controller hosting FSSO

Do I need to put a 2nd agent on another domain controller for it to properly apply filtering to the Domain controller that has the FSSO agent?

tthrilok · ‎09-22-2022

Hi jskinnerjr,

Thank you for the query!

I understand the users who are logged into the DC are not seen in the Firewall Current logged in user list, due to which your webfiltering is not working.

Could you please go to DC>FSSO Agent>Set Ignore List

Kindly check if you are seeing the IP of the DC is added in the list.

++ If so please remove it and test.

Thank you!

jskinnerjr · ‎09-27-2022

Thank you for the reply!

The ignore list has 1 user account entry, and thats it. Not mine.

The issue seems to only occur on the DC that FSSO is installed on.

Logon users list does not show any users logged into the DC, even though I am logged into it.

logon_event.log does Not show anyone logging into the DC, as if the FSSO can't detect someone is logging into the server.

Fortinet Community

FSSO agent - Not filtering user logged into DC where FSSO agent is installed