Re: FortiAuthenticator - MAC based Radius "invalid...

shikhakolekar · 09-11-2025

Description: This article outlines the support options available, errors encountered and the troubleshooting steps to be taken if launch fails with SSMS client. Common Error messages: Scope FortiPAM. Solution Step 1: Verify the SSMS version used. The...

shikhakolekar · 08-26-2025

Description This article describes the behavior and steps noticed when multiple targets are launched with recording enabled. If the browser extension is enabled, WebRDP is launched, launching 3 or more targets with recording, and high RAM usage is ob...

shikhakolekar · 07-21-2025

Description This article describes how to solve 'ldap_search_ext_s search failed: Timed out'. In this case, the rule is created for adding any remote LDAP users to FortiAuthenticator. Symptom observed is that users do not reflect under Authentication...

shikhakolekar · 06-18-2025

Description This article describes the necessary configuration for FSSO logins to be processed in UPN(userPrincipalName) on FortiGate. The required configuration and permissions are listed from collector agent and active directory. Scope FortiGate. S...

shikhakolekar · 05-16-2025

Description This article describes the necessary configuration for FortiAuthenticator to act as Collector Agent in Polling mode. Scope FortiAuthenticator 6.6.2, FortiGate. Solution Step 1. On the FortiGate, an external Connector is added pointing to ...

shikhakolekar · 07-23-2025

Hello, This is related to a known issue 1168347, which is targeted to be fixed in 6.6.5. The authentication is always successful, but log would show a failed result and then a success one, it is only a behavioral change when we look at the log, has n...

shikhakolekar · 07-21-2025

Hello @RolandBaumgaertner72 , Please take a look at this article which explains migration of Hardware and Mobile FortiTokens to a new FortiGate.https://community.fortinet.com/t5/FortiAuthenticator/Technical-Tip-Migrating-users-and-FortiTokens-to-anot...

shikhakolekar · 02-14-2025

Hello, If URLs are set with IP and on certificate the Subject alternative name is different from the domain used, yes you will have to change the config From set entity-id "https://X.X.X.X:XXXX/remote/saml/metadata"set single-sign-on-url "https://X.X...

User Statistics

User Activity

Troubleshooting Tip: Error 'Connection Timeout Expired', 'Unable to connect to server' secret launcher for SSMS client

Technical Tip: High RAM usage and disconnections when using FortiPAM browser extension

Technical Tip: How to validate and solve error 'ldap_search_ext_s search failed: Timed out' for LDAP remote sync rule

Technical Tip: Process FSSO logins on FortiGate in UPN format (UserName)

Technical Tip: Configure FortiAuthenticator as Collector Agent and in Polling mode