I have implemented FSSO authentication, but unauthenticated users which match the source network (but not FSSO group) can not access resources.
That's actually expected outcome as firewall is implicitly Deny:Any and so firewall policies are actual exceptions to that generic rule, right?
And as unauthenticated users do not and can not match to required/mandatory group, then "tho shell not pass".
To let them through use either:
- FSSO Guest group as last possible match
- set up fallback to other, active, auth method
Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.