Looks like FortiAuthenticator 4.3.0 (build 0216) firmware is out.
Per release notes, it now allows you to turn off FTM push notifications for radius users. There are a number of bug fixes, including better logging and reports of push notifications.
Unfortunately for me, "Known Issues" still lists the bug I ran into with EAP, and a possibly related one:
375401 Password authentication fails for admins in EAP. 392437 SSH FAC login fails using CHAP/MS.CHAP/MS.CHAPv2 authentication to Cisco ACS remote RADIUS users.
Anybody upgraded to 4.3.0 yet? I'd like to not be the first this time!
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Heh, they already released 4.3.1. Looks like they may have caught and fixed the bug you describe, sergey.
412109 Fixed issue regarding user names having mixed capitalization after synchronization with remote LDAP server. This fix addressed users being authenticated without being prompted for a FortiToken code.
I am going to wait until 4.3.1 is out. But I am excited about the ability to use wildcards/subnets for RADIUS client IP. Will enable us to consolidate other RADIUS servers into just the FACs.
4.3.0 have problem with LDAP logins which have capital letters.
Setup: AD -> FA -> Netscaler:
users who are having LDAP login with the capital letters in the login name are unable to login.
Error message:
Remote LDAP user authentication with no token failed: NAS forces two-factor auth but user token not defined
Checkbox about "Remote RADIUS usernames are case sensitive" is unset
PLEASE FIX!
@sergey,
Have you created a support ticket for this? If not, please do so and report the bug!
This is just a discussion forum.
Thanks!
Heh, they already released 4.3.1. Looks like they may have caught and fixed the bug you describe, sergey.
412109 Fixed issue regarding user names having mixed capitalization after synchronization with remote LDAP server. This fix addressed users being authenticated without being prompted for a FortiToken code.
@tanr,
Yes, my issue was fixed.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1629 | |
1060 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.