IP-based kerberos authentication problem

Support Forum

The Forums are a place to find answers on a range of Fortinet products from peers and product experts.

Hi all,

we have a problem with explixit webproxy in combination with kerberos. Problem is that our client pc or laptop had services that are contacting the firewall befor user is logged in with ad credentials. So we see on the fortigate in firewall user monitor not the user but the the hostname of the laptop (for example laptop1234$@test.local)(picture enclose). Now if the user is logging in and open a browser he will see an autentication failure. If we do an manual deautenticate of the laptop1234$ in firewall user monitor and than the user is opening a browser window everything is working fine.

That is only happening if we have ip-based enabled. If we disable ip-based this problem not happen but we have other problems with applications that are not like webproxy. So we have to use ip-based.

Thanks

37 KB

1826

0 REPLIES 0

Top Kudoed Authors

User

Count

2243

1218

771

451

366

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

IP-based kerberos authentication problem

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website