Description This article describes how to activate a newly purchased
FortiGuard SMS license in FortiAuthenticator. Scope FortiAuthenticator.
Solution Once the FortiGuard SMS license has been purchased, log in to
the FortiAuthenticator GUI and navigat...
Description This article decribes that a new FIDO key is added to a
user, a red warning message 'This is an invalid domain.' can appear.
Scope FortiAuthenticator. Solution This error message appears if the
FortiAuthenticator GUI is accessed via the I...
DescriptionThis article describes how to install a newer FortiNAC
version from the CLI after downloading the image .bin file.Solution1) Go
to the Fortinet support account, Support -> Firmware Download and select
product: FortiNAC. Navigate to the For...
DescriptionRunning the remote user sync rule does not remove users
(deleted remote LDAP users, or which are not anymore members of the
group configured in the sync rule), but only adds new ones.Solution
There are two possible solutions: 1) The maximu...
DescriptionThis article describes how to run L2 Polling from
CLI.ScopeFor version 8.8 and 9.1.SolutionConnect to FortiNAC CLI using a
SSH terminal:Then run this command 'ReadForwardingTbl –ip' following by
the IP address of the unit.This tool does a ...
Hi Paul, from what I see, I think you need to change your
account-key-filter to filter to the sAMAccountName format. This would
strip the domain suffixes from the UPN part, and would search only for
your username as a sAMAccountName value.The only pr...
These debugs need to be enabled on the FortiGate CLI, you can connect to
it over SSH by following this article:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-create-a-log-file-of-a-session-using-PuTTY/ta-p/194148
As for the pop-up,...
Hi Clio, FortiGate has an option in the RADIUS settings, called
radius-coa. In order to process incoming Disconnect-Requests from a
RADIUS server, you would need to enable this option on the FortiGate.
FortiGate would in that case process the receive...
Hi, running the following debugs on the FGT should give some better
understanding on where exactly is it failing. diag debug reset diag
debug console timestamp enable diag debug app samld -1 diag debug app
sslvpn -1 diag debug enable Does the SAML Id...
Hi Fred,If you do not see any users in one of the the FSSO Collector
Agents under "Show Logon Users", but see them on the other DC on the
other FSSO CA, then probably there is an issue with reading/receiving
logon events. For FSSO to work as expected...