We have the corp office setup with local LDAP and an FSSO collector. We are able to set policies based on groups which is great, thanks to some of the posts of this forum.
We are setting up a Fortigate thats in another office 50 miles away. I set LDAP to the local domain controller over there. I set the FSSO collector info. Its able to pull groups, etc but the FSSO collector shows down. I'm pointing it to the Corp FSSO collector.
The firewall policy allows all traffic back to corp. Do I have to setup a FSSO collector at each office? The DC Agents are installed on domain controllers. Not sure why its showing down.
Anyone else able to setup a FSSO on a remote Fortigate and have it connect back to the collector at the Corp office?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello,
Ensure that firewalls are allowing the FSSO required ports through.
FSSO has a number of required ports that must be allowed through all firewalls or connections will fail. These include: ports 139, 389 (LDAP), 445, 636 (LDAP) 8000, and 8002.
Also check the password that you are using to connect FGT Firewall with FSSO collector agent.
Review the following articles:
https://community.fortinet.com/t5/FortiGate/TroubleshootingTip-General-troubleshooting-for-FSSO/ta-p...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-collect-FSSO-collector-agent-DC-age...
BR
Hello
So there is one recommendation to allow port 8000,8002 on sever side.
Some times server rejects request initiated by fortigate please check configuration.
Here is the link to allow port on AD
https://community.fortinet.com/t5/FortiGate/Technical-Note-Allowing-FSSO-Ports-when-using-Windows-Se...
Thanks & Regards
Mayank Sharma
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1502 | |
1011 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.