Hello All,
I have Fortinet Single Sign-On (FSSO) Agent installed in DC Agent mode on both of my domain controllers (DC01 and DC02).
Is there anything else I can check to resolve this issue? I have not yet reinstalled the FSSO agent on DC02.
Any guidance would be greatly appreciated.
The most typical cause is Windows Firewall blocking it.
Make sure you allow the traffic on the Collector's side. In this case it will be incoming UDP/8002.
It looks like the problem was with the Windows Firewall, although it wasn't obvious at first since UDP port 8002 seemed to be listening on both servers (as shown by netstat -ao). When I tested the port using portqry (from a remote server: portqry.exe -n <Server_IP> -e 8002 -p UDP), I received a listening/filtering response on both servers. So, I created inbound rules on DC01 and DC02 to allow UDP port 8002. On DC01, I allowed UDP 8002 from DC02, and on DC02, I did the reverse. This immediately increased the list of Logon Users on DC01 as well as on the firewall.
Thank you all for your help!
The unfortunate trick is that the firewall won't prevent a process from binding to the socket and listening on a specific port (it will show up in netstat output, as you found out); it will only stop it from actually receiving those packets.
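The "bound but filtered" condition described in this thread can be checked on each domain controller directly. The script below is an added example, not code from the thread or from Fortinet; the peer address (a constructed placeholder), the rule display name and the parameter names are assumptions. Run it from an elevated PowerShell session.

```powershell
# Added example: compares "is UDP/8002 bound?" with "does the firewall allow it in?".
param(
    [int]$Port = 8002,                     # UDP port named in the thread
    [string]$PeerAddress = '192.0.2.12',   # constructed placeholder: the other DC's IP
    [switch]$CreateRule                    # only add the rule when explicitly asked
)

# 1. Is a process bound to the port? This is all that netstat -ao proves.
$endpoint = Get-NetUDPEndpoint -LocalPort $Port -ErrorAction SilentlyContinue |
    Select-Object -First 1
$owner = if ($endpoint) { (Get-Process -Id $endpoint.OwningProcess).ProcessName }

# 2. Which enabled inbound allow rules in the effective policy (local and GPO)
#    cover this UDP port? Port ranges such as "8000-8010" are not expanded here.
$allowing = @(Get-NetFirewallRule -PolicyStore ActiveStore -Direction Inbound `
        -Action Allow -Enabled True |
    Where-Object {
        $pf = $_ | Get-NetFirewallPortFilter
        $pf.Protocol -eq 'UDP' -and
            ($pf.LocalPort -contains "$Port" -or $pf.LocalPort -contains 'Any')
    })

# 3. Report the mismatch the thread ran into: bound, yet nothing lets packets in.
$verdict = if (-not $endpoint) { 'Nothing is bound to the port' }
    elseif ($allowing.Count -eq 0) { 'Bound, but no inbound allow rule: packets are dropped' }
    else { 'Bound and allowed (check the rule scope below)' }

[pscustomobject]@{
    Port       = $Port
    BoundBy    = $owner
    AllowRules = $allowing.DisplayName -join '; '
    Verdict    = $verdict
}

# 4. Optionally add a rule scoped to the peer DC only, as done in the thread.
if ($CreateRule -and $endpoint -and $allowing.Count -eq 0) {
    New-NetFirewallRule -DisplayName "FSSO UDP $Port from peer DC (example)" `
        -Direction Inbound -Protocol UDP -LocalPort $Port `
        -RemoteAddress $PeerAddress -Action Allow -Profile Domain
}
```

Scoping the rule with -RemoteAddress keeps the port closed to every host except the peer, which matches the per-DC rules described above.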
Copyright 2024 Fortinet, Inc. All Rights Reserved.