Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Joe_Mohtady
New Contributor

FortiGate Locking out Domain Accounts at first login

Hello Everyone we have a fortigate 310B with firmware 5.0.5 and a VM fortiauthenticator for two factor authentication through forticlient The authentication of our VPN requires the follows: Domain username Domain password + Token 6 digits the problem is when our users enters the domain password part wrong once it locks out the domain account and through sniffing port 1812 on fortigate it seems that fortigate makes three attempts with the radius server Is there anyway to make fortigate make one attempt each time the user enetr wrong domain password?
2 REPLIES 2
Bromont_FTNT
Staff
Staff

In the Radius Server setup try " Specify Authentication Protocol" instead of default
Joe_Mohtady
New Contributor

I have changed the RADIUS setting to different authentication protocols and the account keep locking after first trial, I dont know why fortigate keep attempting when the password with the token is wrong while for normal vpn users (without token) doesnt do that
Labels
Top Kudoed Authors