Hi,

you said ".. A policy rule was created by adding the user group".

Is the user group of Type "guest" ?

This is required otherwise it will not run.

I have the same configuration with a FGT60D for Wifi and it runs.

James,

Yes, I've mentioned that I am using a group of type guest in my first post. Anyways, it's working now after I renamed the auto-generated users. For example, renamed "user0001" to "Scott" and it worked. Strange but worked.

Thanks

Hi Technologist, sri you are right. I have overlooked the part with type guest. I have now tested it again with autogenerated user and it works. Username here was user0012. By the way I am now on V5.2.5 you also?

Which device you have?

James, no harm done at all. No, I am still on 5.2.4 and to be honest I don't want to upgrade unless there is an urgent need to do so. FSSO had a bug in 5.2.3 that forced me to upgrade to 5.2.4. FSSO now is working fine and I see no reason to upgrade.

Device is 80C (old b@st@rd) :)

Thanks

I think there is an urgent need to upgrade to 5.2.5. Have you  seen this bulletin from Fortinet? --snip ------ Customer Support Bulletin CSB-151124-1 "FortiGate flash disk errors" Potentially Affected Products: Low end FortiGate/FortiWifi models with flash storage 20C, 40C, 60C, 80C, 60D, 90D, 100D

Link: https://support.fortinet....lletin.aspx?section=46

Thanks for posting this bulletin link. Okay, I hope these issues are really fixed as this bulletin claims. My experience with upgrading FG units is not good because sometimes a failure happens somewhere or configuration doesn't work anymore. I think it's a good idea to read public comments who upgraded to this version and see if it's stable. I won't take the risk until it's properly tested.

Thanks

They have reduced the usage of flash memory as far as i can read. It is strange that some processes cause heavy disk usage to flash like  DHCP/PPPOE or Device identification. However the flash is not replaceable . It is firmly connected with the mainboard. Yes I also wait when a new Firmware comes up und read carefully the forum. My motto is also:  "never change a running System." In the years who I had to do with Fortigate Units there were relatively few problems with upgrades. But in some special cases you can never rule out what happens. A short  question I have on the subject and maybe you can help me. When a user has been successfully authenticated and then uses the Wifi-Device later again he must already authenticate again. Do you have this behavior seen too?

James, this has to do with authentication timeout. By default, it's 480 sec. As a security best practice, authentication timeout is necessary. Why is it a problem to you?

Thanks