Fortinet Community

cchiriches · 11-25-2022

Description This article describes why the group order on the same firewall policy and the SSL VPN auth rules order has no bearing on the auth process.Even if it seems like a group on the same firewall policy and SSL VPN auth rules can be set in a pa...

cchiriches · 11-25-2022

Description This article describes one of the causes that crashes SAMLD every time SAML auth is attempted and how can that be fixed. Scope FortiAuthenticator 6.X, 7.X. Solution SSL VPN SAML is configured correctly and there is no redirect to the IDP,...

cchiriches · 10-28-2022

Description This article explains how to configure a FortiGate as a transparent proxy with passive FSSO authentication. Scope FortiOS 6.x, 7.x. Solution 1) Configure the FSSO connector: # config user fsso edit "10.5.23.153" set server "10.5.23.153"...

cchiriches · 08-29-2022

Description This article describes what are the requirements for LDAP password change. Remote LDAP password change. Windows AD users can conveniently change their passwords without provision changes being made to the network by a Windows AD system ad...

cchiriches · 07-29-2022

Description This article describes how to check if a certificate and key belong to a CSR. Scope FortiGate versions 6.X, 7.X. Solution In this example, the CSR is created on the FortiGate, and it is signed manually by a 3rd party. On a FortiGate, the ...

cchiriches · 11-28-2022

Hi Destan, That is not a must, it depends on your needs.It is not something that you can just enable, that will most likely break things.You can use if for the following: SSL VPN with certificate authenticationhttps://docs.fortinet.com/document/forti...

cchiriches · 11-25-2022

Hi vvserpent, It's a bit unclear from your description what should/shouldn't happen.If the issue is with 2fa being skipped, that's most likely because the user is matching another auth server/group that doesn't ask for 2fa.For instance, you defined t...

cchiriches · 11-21-2022

Ok, then you should use your own smtp server, not the default/local one. And if your smtp server is configured properly, the messages shouldn't land in spam. Here is how you can add it to the FAC: https://docs.fortinet.com/document/fortiauthenticator...

cchiriches · 11-21-2022

Hi Firdausi, Are the messages landing in spam sent by a Fortinet product/service?Is it the local/default smtp server you're using? If you do, then you should move away from that, it's not intended to be used in production and messages will likely lan...

cchiriches · 11-18-2022

We might have sent you in the wrong direction.This is how you can configure and assign tokens to remote LDAP admin.If you're using vdoms, you have to be in global for this. Group and server in root vdom.fortinet is my samaccountname, and I'm able to ...

Fortinet Community

User Statistics

User Activity

Technical Tip: Firewall policy group order and SSL VPN auth rules order do not work

Technical Tip: How to fix crashing SAML daemon

Technical Tip: How to configure a transparent proxy with FSSO

Technical Tip: Why to join FortiAuthenticator to the domain instead of using LDAPs

Technical Tip: How to check if a certificate and key belong to a CSR

Re: Do we need to use the client certificate when connecting to SSL VPN, when do we need it?

Re: Fortitoken problem

Re: Why are mails sent to spam instead of inbox of the recipient?

Re: Why are mails sent to spam instead of inbox of the recipient?

Re: Two factor authentication for AD admins

Technical Tip: Configuring SAML SSO login for Fort...

Re: Do we need to use the client certificate when ...

Re: Why are mails sent to spam instead of inbox of...

Re: Two factor authentication for AD admins

Re: SSL-VPN SAML SSO with Azure AD

Re: Do we need to use the client certificate when ...

Re: Two factor authentication for AD admins

Re: SSL-VPN SAML SSO with Azure AD

Broad. Integrated. Automated.

Security Research

Company

News & Articles

Contact Us

User Statistics

User Activity

Broad. Integrated. Automated.

Social Media

Security Research

Company

News & Articles

Contact Us