Technical Tip: How to setup TS-Agent configuration

mturic · 09-27-2024

Description This article clarifies the possible authentication methods used for connecting to VNC servers via FortiPAM. Scope FortiPAM v1.x. Solution FortiPAM supports connections to VNC servers on various platforms, such as MacOS, Windows and Linux,...

mturic · 06-27-2024

Description This article clarifies the prerequisites for using the FortiClient PAM module for some common scenarios. When using native launchers to connect to target remote servers via FortiPAM and through locally installed clients (rdp.exe, putty, v...

mturic · 12-22-2022

Description This article describes how to activate a newly purchased FortiGuard SMS license in FortiAuthenticator. Scope FortiAuthenticator. Solution Once the FortiGuard SMS license has been purchased, log in to the FortiAuthenticator GUI and navigat...

mturic · 11-28-2022

Description This article decribes that a new FIDO key is added to a user, a red warning message 'This is an invalid domain.' can appear. Scope FortiAuthenticator. Solution This error message appears if the FortiAuthenticator GUI is accessed via the I...

mturic · 11-09-2021

Description This article describes how to install a newer FortiNAC version from the CLI after downloading the image .bin file. Scope Any supported version of FortiNAC. Solution Go to the Fortinet support account, navigate to Support -> Firmware Downl...

mturic · 11-17-2022

Hi Paul, from what I see, I think you need to change your account-key-filter to filter to the sAMAccountName format. This would strip the domain suffixes from the UPN part, and would search only for your username as a sAMAccountName value.The only pr...

mturic · 11-07-2022

These debugs need to be enabled on the FortiGate CLI, you can connect to it over SSH by following this article: https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-create-a-log-file-of-a-session-using-PuTTY/ta-p/194148 As for the pop-up,...

mturic · 11-07-2022

Hi Clio, FortiGate has an option in the RADIUS settings, called radius-coa. In order to process incoming Disconnect-Requests from a RADIUS server, you would need to enable this option on the FortiGate. FortiGate would in that case process the receive...

mturic · 10-27-2022

Hi, running the following debugs on the FGT should give some better understanding on where exactly is it failing. diag debug reset diag debug console timestamp enable diag debug app samld -1 diag debug app sslvpn -1 diag debug enable Does the SAML Id...

mturic · 10-19-2022

Hi Fred,If you do not see any users in one of the the FSSO Collector Agents under "Show Logon Users", but see them on the other DC on the other FSSO CA, then probably there is an issue with reading/receiving logon events. For FSSO to work as expected...

User Statistics

User Activity

Technical Tip: Authentication methods available in FortiPAM to connect to destination VNC servers

Technical Tip: Using FortiClient for VPN and FortiPAM native launchers

Technical Tip: How to add FortiGuard SMS license into FortiAuthenticator

Troubleshooting Tip: 'This is an invalid domain' while adding a new FIDO key

Technical Tip: Upgrade FortiNAC from CLI

Re: Can't authenticate with alternative domain UPN suffix on Fortiproxy

Re: FortiClient VPN (New issue)

Re: Send radius disconnect to Fortigate from radius server

Re: FortiClient VPN (New issue)

Re: Users shown on Fortigate Dashboard missing one subnet almost entirely

Technical Tip: How to setup TS-Agent configuration

Technical Tip: Configure Gmail (STARTTLS) as a mai...

Technical Tip: Authentication methods available in...

Re: Can't authenticate with alternative domain UPN...

Re: Users shown on Fortigate Dashboard missing one...

Re: How to use Fortigate 60d bought off eBay no su...

Re: how to create Internet Access with AD Account

Re: FSSO questions : filter unwanted logon entries...

KCS