I've configured the FortiGate on our network to authenticate firewall
traffic using Azure AD as the IdP. All Internet access works as expected
once each user has authenticated to Azure. Users are complaining that
first thing in a morning several appli...
Hi, I have a FortiGate 100F with a LAN interface (10.1.10.1) that uses
the local Captive Portal to authenticate users to Azure AD using SAML
2.0 SSO. I also have a Wi-Fi Interface (10.1.40.1) that uses the local
Captive Portal to authenticate guest use...
Hi Debbie, Your solution works for our phone system and email (AWS
WorkMail). Thanks for this :) My only issue now is Slack and Microsoft
Teams. Both these applications use Port 443 and have lots of different
destination IP addresses. When I created ...
Hi Debbie, Thanks for the reply, here is a screenshot of our Internet
access policy - I've placed authentication exemption rules before the
general Internet access policy, e.g. These rules don't have any
authentication requirements. First thing in the m...
I've changed the order that the 'Captive' records appear in the Entry
table and now 10.1.10.1 is always returned first. This works out better
for me because the Azure AD firewall auth gets used much more than the
Guest Wi-Fi does.
I've been viewing the DNS traffic in Wireshark and it looks like the
response from the FortiGate DNS contains both IP addresses -
---------------------------------------------------------
Internet Protocol Version 4, Src: 10.1.10.1, Dst: 10.1.10.23
Use...