- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
RSSO issue on FG 600D
Hi
i need to make recognition of all users loged on to the network.
FSSO works fine but it does not recognize users that are using non domain computers.
I need to implement RSSO to recognize all users in my network
i have
Windows NPS 2008
VDOM1
- RADIUS MAIN SERVER NETWORK 1.1.0.0/24 (RADIUS, AD, DHCP, DNS serwers are in that network)
- RIADIUS FORWARDERS NETWORK 1.1.1.0/24 (Netsight and NAC gateways - Pre-radiussevers)
VDOM2
- USERS NETWORKS about 30 LANS 2.1.X.X/24
I need to see in VDOM2 on Firewall Userr Monitor all of users that are using network even if they have not computer joined to the windows domain.
HOW ?
RSSO which is described n fortinet library seams to be..... not working
please help
- Labels:
-
5.6
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Marek,
could you show us config or at least relevant parts ..
show user radius
show user group
show firewall policy
and some authed user lists
diag firewall auth list
diag test app radiusd 33
.. and I'd also suggest to sniff RADIUS traffic on port 1813 udp (aact)
Kind regards,
Tomas
Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
i cannot ad connfig here
is it possible you to write a propper config of FG?
i need to see users which are online on mu FG and i need to do that with radius.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
for proper config, there should be examples in admin and user auth guides.
for user list, that's why there are those two 'diag' commands in my previous post.
Or you can use Monitor/Firewall-user-monitor from GUI.
Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff