Description This article describes why the group order on the same
firewall policy and the SSL VPN auth rules order has no bearing on the
auth process.Even if it seems like a group on the same firewall policy
and SSL VPN auth rules can be set in a pa...
Description This article describes one of the causes that crashes SAMLD
every time SAML auth is attempted and how can that be fixed. Scope
FortiAuthenticator 6.X, 7.X. Solution SSL VPN SAML is configured
correctly and there is no redirect to the IDP,...
Description This article explains how to configure a FortiGate as a
transparent proxy with passive FSSO authentication. Scope FortiOS 6.x,
7.x. Solution 1) Configure the FSSO connector: # config user fsso edit
"10.5.23.153" set server "10.5.23.153"...
Description This article describes what are the requirements for LDAP
password change. Remote LDAP password change. Windows AD users can
conveniently change their passwords without provision changes being made
to the network by a Windows AD system ad...
Description This article describes how to check if a certificate and key
belong to a CSR. Scope FortiGate versions 6.X, 7.X. Solution In this
example, the CSR is created on the FortiGate, and it is signed manually
by a 3rd party. On a FortiGate, the ...
Hi Destan, That is not a must, it depends on your needs.It is not
something that you can just enable, that will most likely break
things.You can use if for the following: SSL VPN with certificate
Hi vvserpent, It's a bit unclear from your description what
should/shouldn't happen.If the issue is with 2fa being skipped, that's
most likely because the user is matching another auth server/group that
doesn't ask for 2fa.For instance, you defined t...
Ok, then you should use your own smtp server, not the default/local one.
And if your smtp server is configured properly, the messages shouldn't
land in spam. Here is how you can add it to the FAC:
Hi Firdausi, Are the messages landing in spam sent by a Fortinet
product/service?Is it the local/default smtp server you're using? If you
do, then you should move away from that, it's not intended to be used in
production and messages will likely lan...
We might have sent you in the wrong direction.This is how you can
configure and assign tokens to remote LDAP admin.If you're using vdoms,
you have to be in global for this. Group and server in root
vdom.fortinet is my samaccountname, and I'm able to ...
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.