Hello everyone
I'm currently facing a problem with FSSO dead entry detection.
When one user disconnects from his workstation, the dead entry is correctly detected on the Collector Agent after the dead entry timeout interval has elapsed, which removed the entry from logon user lists on the collector agent.
However, the entry isn't removed from the firewall on section "Firewall User Monitor".
Am I missing a parameter for login database synchronisation between collector agent and Fortigate ?
I'm running FortiOS 5.6.5 version on ESX VM, and my corresponding Collector Agent is running on Win7 Service Pack 1.
Thank you per advance for your feedbacks.
Best regards
Benjamin
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi Benjamin,
your undestanding is correct, if dead entry is expired, it's removed and notification of fsso logoff is send out to all interested Fortigates.
That being said, logon lists from CA must be in sync with fsso list (and also firewall auth list) on Fortigate automatically. If they are not, something is wrong.
I would suggest to investigate problem further with authd debug enabled on Fortigate to see what's up there once such a logoff message is received + making correlation with FSSO CA debug level logging.
-Fishbone
smithproxy hacker - www.smithproxy.org
Hello Fishbone
Thank you so much for your time and interest on this.
I'll try to figure out what is going on there.
BR
Benjamin
Hello Fishbone
Problem solved, i had information that Win7 which isn't a supported platform for CA installation.
Now the CA is directly installed on my Win2k8 DC server and logoff is correctly updated on Fortigate when dead entry occurs.
Thank you for your help.
BR
Benjamin
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1692 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.