Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
albaker1
Contributor

Need to block access to FortiManager, similar to local-in-policy

We've been managing our FGTs with FMG for a while, and we've been trying to figure out how to restrict access to the FMG. We are using SAML SSO, so trusted hosts option isn't available - at least, it doesn't appear that logins for SSO can be restricted to trusted hosts. I also don't see an option for implementing local-in-policy. Even though all our FGTs are controlled by these controls, our FMG isn't - anyone in our organization can attempt to login, though we do have logins restricted to a particular group. Especially in light of the critical FMG vulnerability last year, this seems like a serious oversight if it can't be done - hence, I believe it can, but we just can't find the right area to configure.

 

How are you folks approaching limiting access to which hosts can log into the FMG?

11 REPLIES 11
albaker1

Chris: I wasn't aware of this. I'll get with our team that handles that. I appreciate the info.

 

Toshi, FMG is 7.2.8, so I'll check this out.

 

Thanks all for the replies.

 

Toshi_Esumi

Ours is also 7.2.8. I verified it's there in CLI. Not sure about GUI though. I assume GUI wouldin't be there until 7.6.x or something, since even FGT started with 7.6.x for GUI part.

Toshi

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors