Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Pauwlo
New Contributor

Created on ‎11-14-2014 01:21 PM

"Access Denied" on some folder using the SMB Widget on the SSL VPN portal.

Hi,

 

I write a thread because I did not found my issue on the forum or on the Internet.

I set up a SSL VPN portal on my Fortigate and added a SMB/CIFS bookmark which link to my network share.

When I click on this bookmark I can log in and access my share but on some specific folders I have an "Access Denied" message.

I can correctly browse theses folder if I use the native windows file browser.

The only think I saw is that the root folder has read access for the "Everyone" group and the folders I have problems with have more specifics rights such as "Read access for the "Company_Members" group".

 

Did you already meet this issue or do you have an idea to start troubleshooting this issue ?

 

Regards, Pauwlo.

14116
0 Kudos
4 REPLIES 4
mjcrevier
New Contributor III

Created on ‎11-15-2014 09:25 PM

How are you authenticating users that login to the SSL portal? LDAP/RADIUS/Local?

3336
0 Kudos
Pauwlo
New Contributor
In response to mjcrevier

Created on ‎11-17-2014 12:02 AM

mjcrevier wrote:

How are you authenticating users that login to the SSL portal? LDAP/RADIUS/Local?

Hi Mjcrevier,

 

I am authenticating my users with LDAP (on AD). I tried to enable the SSO on the portal, I was not asked for my credentials while connecting to the share but I get the same issue.

 

Regards, Pauwlo.

3336
0 Kudos
fjansson
New Contributor II
In response to Pauwlo

Created on ‎04-12-2016 04:16 AM

Hi!

 

Not sure if you managed to get this working but I found another "solution" on the forum, regarding the 'Access Denied' bit. 

 

Apparently if you fill in domain\username in the username/password boxes you are able to connect to the shares. No access denied or anything. 

 

So for example:

"domain.local\username" + password works, but only filling in the username doesn't. 

 

This was taken from the following thread from 2012, so it seems the issue is still present:

https://forum.fortinet.com/tm.aspx?m=92268&tree=true

 

== Update ==

Below settings were entered on a FortiGate v5.2.4,build688

 

To be able to do this without having to fill in domain\username, edit the following settings:

 

#config vpn ssl settings  set dns-suffix domain.local

 

Then, navigate to the relevant bookmark and select SSO: auto

 

Also, make sure the file share you are entering is not a DFS share, as this will not work (at least when I tried it).

 

 

Kind regards, Frida

3336
0 Kudos
fjansson
New Contributor II
In response to Pauwlo

Created on ‎04-12-2016 05:37 AM

An update on this:

 

I managed to get this working without having to manually fill in domain\username.

 

This was done on a Fortigate v5.2.4,build688:

 

#config vpn ssl settings  set dns-suffix domain.local

 

Also, set sso -> auto on the relevant bookmark.

 

Make sure that you are using a non DFS fileshare as well, I didn't get it to work with DFS at least.

 

Kind Regards, Frida

3336
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.