Fortinet Community

xsilver_FTNT · 10-26-2020

DescriptionThis article describes how to run FSSO in dual (or multi) NIC environment.Quite often we see issues in FSSO caused by simultaneous use of wired and Wi-Fi connections, especially with docking stations and notebooks. Not that often in dual-N...

xsilver_FTNT · 08-05-2019

DescriptionThis article describes how FortiToken Push feature works with FortiAuthenticator and Apple/Android based devices, the configuration requirements and the workflow on FortiAuthenticator when a user authenticates.Useful links:FortiAuthenticat...

xsilver_FTNT · 08-08-2018

Description This article describes how to modify the LDAP Nested group settings. In order to authenticate user via LDAP while the user is not a direct member of the group, but member of nested group, set FortiGate in the way it will be able to check ...

xsilver_FTNT · 08-12-2015

DescriptionThis Knowledge Base article gives the list of valid RADIUS VSA Dictionary (vendor-specific attributes) of Fortinet devices.Refer to the Related Articles for FortiGate Radius VSA Dictionary (vendor-specific attributes).Scope# -*- text -*-##...

xsilver_FTNT · 08-18-2009

DescriptionThe files attached to this article provide the Radius VSA Dictionaries for 1) FortiOS 4.0 2) FortiOS 3.0 MR7 3) NTRadPing Note: NTRadPing 1.5 refuses to start with dictionary containing types 'ether' and 'octets'. For simplicity of use, th...

xsilver_FTNT · 12-23-2021

Hi,there is multitude of possible solutions.As a base for your research (if you are not going to contact our sales engineers [SE], who are half sales mans and half technicians) might be this documentation:https://docs.fortinet.com/document/fortigate/...

xsilver_FTNT · 12-17-2021

Good KB, however I need to point out that FortiOS GUI button “Import Free Trial Tokens” (on FortiOS 6 and newer) appears only when both those two tokens are removed from config AND unit is licensed (no FGVM00000.. like Serial number).Two free tokens ...

xsilver_FTNT · 12-17-2021

Hi,how about SAML ?With FortiGate:https://docs.fortinet.com/document/fortigate/6.4.8/administration-guide/33053/outbound-firewall-authentication-with-azure-ad-as-a-saml-idpThrough FortiAuthenticator:https://docs.fortinet.com/document/fortiauthenticat...

xsilver_FTNT · 12-10-2021

Hi,not sure about your PC-A and PC-B .. if those are separate PCs/computers, then the login (even with the same user) is supposed to create TWO independent FSSO user records in collector and then they should appear in FGT.diag debug authd fsso list (...

xsilver_FTNT · 12-02-2021

Yes, good one as well, more oriented to NPS while my one was more on how FGT handles that and what is expected in RADIUS Access-Accept to make it working.Both are good sources.

Fortinet Community

User Statistics

User Activity

Technical Tip: FSSO Dual NIC

Technical Tip: FortiToken Push on FortiAuthenticator - operation flow and details

Technical Tip: LDAP Nested Group settings and changes in FortiOS 5.6, 6.0 and 6.2

Technical Tip: Fortinet RADIUS attribute

Technical Tip: FortiGate Radius VSA Dictionary (vendor-specific attributes)

Re: Solution 2FA currently using forticlient with radius server.

Re: Free FortiToken

Re: Identity based security policy

Re: Question regarding FSSO operation

Re: Authenticating SSL VPN with RADIUS using class 25 possible?

Re: Fortiauthenticator 6.01

Re: Identity based security policy

Re: FSSO Agent with collector agent

Re: Authenticating SSL VPN with RADIUS using class...

Re: 2FA for administrators logging in to the WebUI

Re: FSSO Agent with collector agent

Re: Authenticating SSL VPN with RADIUS using class...

Re: Restrict IPs for LDAP access

Re: Fortigate-100E log in fail.

Re: Poll Active Directory server

News & Articles

Security Research

Company

Contact Us