Fortinet Community

mturic · 12-22-2022

Description This article describes how to activate a newly purchased FortiGuard SMS license in FortiAuthenticator. Scope FortiAuthenticator. Solution Once the FortiGuard SMS license has been purchased, log in to the FortiAuthenticator GUI and navigat...

mturic · 11-28-2022

Description This article decribes that a new FIDO key is added to a user, a red warning message 'This is an invalid domain.' can appear. Scope FortiAuthenticator. Solution This error message appears if the FortiAuthenticator GUI is accessed via the I...

mturic · 11-09-2021

Description This article describes how to install a newer FortiNAC version from the CLI after downloading the image .bin file. Scope Any supported version of FortiNAC. Solution Go to the Fortinet support account, navigate to Support -> Firmware Downl...

mturic · 11-09-2021

DescriptionRunning the remote user sync rule does not remove users (deleted remote LDAP users, or which are not anymore members of the group configured in the sync rule), but only adds new ones.Solution There are two possible solutions: 1) The maximu...

mturic · 08-22-2021

DescriptionThis article describes how to run L2 Polling from CLI.ScopeFor version 8.8 and 9.1.SolutionConnect to FortiNAC CLI using a SSH terminal:Then run this command 'ReadForwardingTbl –ip' following by the IP address of the unit.This tool does a ...

mturic · 11-17-2022

Hi Paul, from what I see, I think you need to change your account-key-filter to filter to the sAMAccountName format. This would strip the domain suffixes from the UPN part, and would search only for your username as a sAMAccountName value.The only pr...

mturic · 11-07-2022

These debugs need to be enabled on the FortiGate CLI, you can connect to it over SSH by following this article: https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-create-a-log-file-of-a-session-using-PuTTY/ta-p/194148 As for the pop-up,...

mturic · 11-07-2022

Hi Clio, FortiGate has an option in the RADIUS settings, called radius-coa. In order to process incoming Disconnect-Requests from a RADIUS server, you would need to enable this option on the FortiGate. FortiGate would in that case process the receive...

mturic · 10-27-2022

Hi, running the following debugs on the FGT should give some better understanding on where exactly is it failing. diag debug reset diag debug console timestamp enable diag debug app samld -1 diag debug app sslvpn -1 diag debug enable Does the SAML Id...

mturic · 10-19-2022

Hi Fred,If you do not see any users in one of the the FSSO Collector Agents under "Show Logon Users", but see them on the other DC on the other FSSO CA, then probably there is an issue with reading/receiving logon events. For FSSO to work as expected...

Fortinet Community

User Statistics

User Activity

Technical Tip: How to add FortiGuard SMS license into FortiAuthenticator

Troubleshooting Tip: 'This is an invalid domain' while adding a new FIDO key

Technical Tip: Upgrade FortiNAC from CLI

Troubleshooting Tip: Remote user sync rule is not removing users

Technical Tip: Run L2 polling from CLI

Re: Can't authenticate with alternative domain UPN suffix on Fortiproxy

Re: FortiClient VPN (New issue)

Re: Send radius disconnect to Fortigate from radius server

Re: FortiClient VPN (New issue)

Re: Users shown on Fortigate Dashboard missing one subnet almost entirely

Technical Tip: Configure Gmail (STARTTLS) as mail ...

Re: Can't authenticate with alternative domain UPN...

Re: Users shown on Fortigate Dashboard missing one...

Re: This site is not secure

Re: How to use Fortigate 60d bought off eBay no su...

Re: How to use Fortigate 60d bought off eBay no su...

Re: how to create Internet Access with AD Account

Re: FSSO questions : filter unwanted logon entries...

KCS