Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
lokewing
New Contributor

Created on ‎03-11-2015 01:17 AM

Identity based policy missing

 Dear all,

 

currently i have a fortigate 100d with firmware version v5.2.0,build0589. i planing to manage user policy with Identity based policy feature. but i unable found this when i configure my policy. Any one can teach me how to enable Identity based policy feature?

Preview file
79 KB
Labels:
11836
0 Kudos
1 Solution
xsilver_FTNT
Staff
Staff

Created on ‎03-11-2015 01:30 AM

FortiOS 5.2.x , in contrary to 5.0.x or 4.3 do not use sub-policy levels for identity based policies.

It simply has users and groups as part of base match pattern aside to source/destination IP, Service etc. See GUI of the policy and "Source user(s)" selection box right within source identification.

I'd suggest to check FortiOS 5.2 Release Notes and What's new guide to get idea of auth differences between 5.0 and 5.2 style as the differ a lot.

Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff

View solution in original post

1817
0 Kudos
3 REPLIES 3
xsilver_FTNT
Staff
Staff

Created on ‎03-11-2015 01:30 AM

FortiOS 5.2.x , in contrary to 5.0.x or 4.3 do not use sub-policy levels for identity based policies.

It simply has users and groups as part of base match pattern aside to source/destination IP, Service etc. See GUI of the policy and "Source user(s)" selection box right within source identification.

I'd suggest to check FortiOS 5.2 Release Notes and What's new guide to get idea of auth differences between 5.0 and 5.2 style as the differ a lot.

Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff

1818
0 Kudos
lokewing
New Contributor
In response to xsilver_FTNT

Created on ‎03-11-2015 02:08 AM

xsilver wrote:

FortiOS 5.2.x , in contrary to 5.0.x or 4.3 do not use sub-policy levels for identity based policies.

It simply has users and groups as part of base match pattern aside to source/destination IP, Service etc. See GUI of the policy and "Source user(s)" selection box right within source identification.

I'd suggest to check FortiOS 5.2 Release Notes and What's new guide to get idea of auth differences between 5.0 and 5.2 style as the differ a lot.

thanks!

1785
0 Kudos
alexyamil
New Contributor
In response to xsilver_FTNT

Created on ‎10-22-2015 02:27 PM

xsilver wrote:

FortiOS 5.2.x , in contrary to 5.0.x or 4.3 do not use sub-policy levels for identity based policies.

It simply has users and groups as part of base match pattern aside to source/destination IP, Service etc. See GUI of the policy and "Source user(s)" selection box right within source identification.

I'd suggest to check FortiOS 5.2 Release Notes and What's new guide to get idea of auth differences between 5.0 and 5.2 style as the differ a lot.

 

So, if i authenticate a user and i cant see it on the monitor user, what can i do ? Also, when i logon by FSSO it doesn't Monitor those users too.

1785
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.