Fortinet Community

bpozdena_FTNT · 09-29-2021

DescriptionFSSO collector agent by default tries to detect workstation IP address changes by resolving the workstation host names via DNS. The interval in which the IP address verification occurs is configured by the 'IP address change verify interva...

bpozdena_FTNT · 05-27-2021

DescriptionWhen configuring FSSO, administrators have the ability to specify which user groups will be monitored by FSSO. The Group Filter can be defined either locally on FortiGate or directly on FSSO Collector Agent. While in general the group filt...

bpozdena_FTNT · 04-12-2021

DescriptionSince the release of FortiOS 6.2, the FortiOS proxy daemon (WAD) will strip domain names from usernames when domain is specified with backslash (DOMAIN\username). This behavior allows matching of locally defined users before contacting rem...

bpozdena_FTNT · 05-15-2020

Description This article describes how to configure SSL VPN OS check for Windows 10 clients with specific Windows build number. Scope FortiGate v6.2 and above. Solution # config vpn ssl web portal edit set os-check enable set skip-check-for-unsuppor...

bpozdena_FTNT · 05-08-2020

DescriptionThis article describes how to move FortiToken Mobile between VDOMs.Solution1) Ensure the FortiToken mobile to move is not assigned to any user.2) Note down the Serial Number of the FortiToken to move to different VDOM. 3 )Delete the token ...

bpozdena_FTNT · 11-28-2022

You can't access the captive portal manually. You'll need to be redirected there by the Fortigate. Just access http://example.com . If you are using the HTTPS version on port 1003, ensure the client OS can verify the validity of all intermediate cert...

bpozdena_FTNT · 11-28-2022

You can also keep using the same portal address everywhere, and just resolve the FQDN into different Fortigate IP address. For instance, you can create a recursive DNS server on each interface for the same A record. Alternatively, the latest FortiOS ...

bpozdena_FTNT · 11-28-2022

It seems you're mixing multiple different issues into the same questions. It might be better to have separate threads for separate issues. Bellow are some generic tips: If inactive users are being de-authenticated you may need to tweak the timers. If...

bpozdena_FTNT · 11-28-2022

The concept of filtering the FSSO groups on FAC is the same as on Windows Collector Agent. FAC, however has two different filtering options 'Global Pre-Filter' and custom 'FortiGate Filter'. To create FSSO Filter for your Fortigate: FAC GUI > Fortine...

bpozdena_FTNT · 11-24-2022

Hi Nark0t, MAC address randomization is enabled by default on most modern mobile devices these days and in itself should not have any effect on connecting to Wifi or accessing captive portal. You can however try to disable source MAC address verifica...

Fortinet Community

User Statistics

User Activity

Technical Tip: Optimization of FSSO workstation IP address verification

Technical Tip: FSSO Group Filter configured on Collector Agent

Technical Tip: Domain name stripping behavior for proxy authentication

Technical Tip: How to configure FortiClient SSL VPN check for Windows version and build

Technical Tip: Moving FortiToken Mobile between VDOMs

Re: Wireless-LAN Captive Portal + Best Practice

Re: Captive Portal / Certificate Issue

Re: Wireless-LAN Captive Portal + Best Practice

Re: External Connector FSSO Agent on Windows AD

Re: FortiWifi captive portal and Android/iOS randomized MAC issues

Re: External Connector FSSO Agent on Windows AD

Re: Fortigate Firewall Policy | GUI Table

Re: Upload a logo image via CLI

Re: Automation -> CLI Script: Use date as Part of ...

Re: FAC Captive Portal with http

Re: Assign multiple FortiToken at once to multiple...

Re: Access web server in DMZ via port 80

Re: Using LDAP auth with IPSec VPN, Windows Native...

Re: Licences for email 2FA

Re: DHCP exclusions more than three subnets

Broad. Integrated. Automated.

Security Research

Company

News & Articles

Contact Us