Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
accountforsupport
New Contributor

IP-based kerberos authentication problem

Hi all,

 

we have a problem with explixit webproxy in combination with kerberos. Problem is that our client pc or laptop had services that are contacting the firewall befor user is logged in with ad credentials. So we see on the fortigate in firewall user monitor not the user but the the hostname of the laptop (for example laptop1234$@test.local)(picture enclose). Now if the user is logging in and open a browser he will see an autentication failure. If we do an manual deautenticate of the laptop1234$ in firewall user monitor and than the user is opening a browser window everything is working fine.

 

That is only happening if we have ip-based enabled. If we disable ip-based this problem not happen but we have other problems with applications that are not like webproxy. So we have to use ip-based.

 

Thanks

 

 

0 REPLIES 0
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors