Technical Tip: SSL/TLS and the use of Digital Cert...

Markus_M · 11-04-2024

Description This article describes an example use case for certmonger and the FortiAuthenticator as SCEP server. Note that certmonger is a third party tool and not endorsed by Fortinet. Its documentation can be found here:https://www.freeipa.org/page...

Markus_M · 09-05-2024

Description This article describes the general setup on an SMS gateway. It links to a few more specific setups as well. It intends to expand the documentation on the administration guide: SMS Gateway documentation Note that this does not include the ...

Markus_M · 09-21-2023

Description This article describes best practices for hardening environments with the FortiAuthenticator. It may in parts be true for other installations. Scope FortiAuthenticator all versions. FortiGate configuration is referred to in parts. Solutio...

Markus_M · 08-01-2022

Description This article describes digital certificates and explains the use and validation of them. Certificates come with the use of the Secure Sockets Layer (SSL) or its successor, Transport Layer Security (TLS, latest version 1.3). Certificates a...

Markus_M · 03-02-2022

Description The LCD shows the error 'SWC5008 Critical'. SWC5007 might also be displayed. According to this forum thread of Dell, this is related to a communication issue with the left front Panel, either by physical connectivity problems, so check th...

Markus_M · 05-16-2025

Hi, from the description I have to assume, you have Intune as SCEP client, FortiAuthenticator as SCEP server.SCEP is an HTTP based protocol, so HTTP logic applies (with its response codes). First, see to reproduce an SCEP request at will and then che...

Markus_M · 05-10-2025

Hi Kanes39, there is no change, the FortiAuthenticator supported it all along, but makes it in my weird opinion more logic. FortiAuthenticator won't know there is a host authenticating or a user. While that is probably possible to automate with code ...

Markus_M · 03-14-2025

Hi agrillea, I think the method you have there, is good. The oauth logout endpoint on the API seems to not exist. What might help in addition (not answering your question) is the token expiry timer which by default sits at 10h. If you have automated ...

Markus_M · 09-04-2024

Hi Lelle68, freeradius may not be covered well here, simply because we don't do much with direct configuration. I suggest you check the freeradius forums/documentation directly: https://www.freeradius.org/documentation/freeradius-server/4.0.0/tutoria...

Markus_M · 08-28-2024

May depend on the FortiClient version as well. 7.4.0+ should not do that, older 7.0 should not do that either. 7.2 may do that on intention to fix a reported problem.https://docs.fortinet.com/document/forticlient/7.2.2/windows-release-notes/22791 862...

User Statistics

User Activity

Technical Tip: Example of use of certmonger and FortiAuthenticator as SCEP server.

Technical Tip: General SMS Gateway configuration for OTP or second factor authentication

Technical Tip: Best practices on hardening FortiAuthenticator environments