Technical Tip: How to read SAML Debug output

mgoswami · 08-14-2025

Description This article explains how to resolve the issue where the Load Filter function in the Analytics section of FortiSIEM continues loading indefinitely, causing the GUI to become inaccessible until the browser is refreshed. Scope FortiSIEM. So...

mgoswami · 04-17-2025

Description This article describes how to troubleshoot the 'duplicate entry' error encountered when adding a new item to the FortiSIEM Watchlist. Scope FortiSIEM. Solution This error can occur if the entry value trying to add already exists in the Wa...

mgoswami · 01-09-2025

Description This article describes how to handle the error 'Cannot find key for' the principal in Kerberos Authentication. Scope FortiGate, FortiProxy Solution Kerberos authentication fails when it cannot locate the correct key for the principal in t...

mgoswami · 12-17-2024

Description This article describes how to read and understand the Kerberos authentication log on FortiGate. Scope FortiGate. Solution This sample log is from FortiGate with IP-based transparent proxy configuration and using Kerberos authentication. T...

mgoswami · 12-16-2024

Description This article describes a possible error that can be seen in the WAD debug when authenticating a user with Kerberos. Scope FortiGate. Solution This error is seen when the time difference (skew) between the client machine and Service and th...

mgoswami · 11-28-2024

Hello, What network ports are allowed between endpoints and EMS ? Please check the Firewall and ensure that following ports are open "TCP 135, 445, and 10443 ports between EMS Server". Regards, Manosh

mgoswami · 01-04-2024

Hi, Yes the above mentioned steps are correct. Additionally, you may also refer to these links for any configuration in NAT mode and Transparent Mode VDOM:https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-create-VDOM-with-Transparent-m...

mgoswami · 01-04-2024

Hi, Here are some of the key features of Fortimanager:https://help.fortinet.com/fmgr/50hlp/56/5-6-1/FortiManager_Admin_Guide/0300_FMG_architecture/0400_Key%20features+.htm

mgoswami · 10-13-2023

Hi, If you have disabled Split Tunneling for SSL VPN, in that case, on the Policy which you have created for the SSL VPN users to access Internet, you would need to call the SAML USER GROUP. This group will be for the non gallery application which yo...

mgoswami · 10-12-2023

Hi, You may login to your training portal and go to your Profile. You will see the certificate there. BR, Manosh

User Statistics

User Activity

Technical Tip: Load Filter under Analytics keeps loading for users with a specific role

Troubleshooting Tip: Unable to add entry to Watchlist - duplicate entry detected

Troubleshooting Tip: How to resolve 'Cannot find key for' error in Kerberos Authentication

Technical Tip: Understanding Kerberos Authentication logs in FortiGate

Troubleshooting Tip: Time Skew error in Kerberos Authentication

Re: Forticlient EMS Endpoint Notified

Re: Change Fortigate VDOM from Transparent to NAT

Re: What are the benefits of Fortimanager ?

Re: Fortigate Azure AD as a SAML IdP for outbound firewall rule and SAML SSO login for SSL VPN

Re: Fortinet NSE 4 certification

Technical Tip: How to read SAML Debug output

Technical Tip: Packet duplication and de-duplicati...

Troubleshooting Tip: Troubleshooting FortiSIEM SNM...

Technical Tip: Inspection mode option is not visib...

Technical Tip: Load Filter under Analytics keeps l...

Re: Change Fortigate VDOM from Transparent to NAT

Re: My SSL VPN RDP connection bookmark closes

Re: Restrict Access to the Firewall WAN Interface ...

Re: Redundant IPsec tunnel stays up even if peer i...

Re: Restrict Access to the Firewall WAN Interface ...

KCS

User Statistics

User Activity

You are leaving our website