Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
aguerriero
Contributor II

ZTNA Forticlient authentication popup just counts down to zero.

8ac04bb8-80db-41ed-8682-ebf6f492faa9.PNG

Does anyone ever get a popup that just counts down and to nothing and you cannot connect to any ztna destinations. I normally get the popup once, do my SAML authentication, along with MFA against the fortiauthenticator. Then everything works and I am good. Occasionally i get this timer that just counts down until 0.

2 REPLIES 2
aguerriero
Contributor II

This time I had to actually reboot the primary fortigate in the ha pair. once the secondary took over everything worked again.

aguerriero
Contributor II

Fortigate 1500D 7.2.5
ems 7.2.1
forticlient 7.2.1

I think it has something to do with user group timeouts and something with wad users. "diag wad user list" shows that it doesn't expire but I have the saml authentication timeout set at 960 in both the fortiauthenticator and in the user group settings on the fortigate for my SAML group.

I got into the fortigate and did a "diag wad user clear ID IP VDOM" and then was immediately able to connect again. How do I set the user sessions to expire either on idle or the user closes their last ZTNA session? 

Capturefdafdafdafdasdfafa.PNG

Top Kudoed Authors