Fortinet Community

dbu · 10-15-2023

Description This article describes how to fix the admin authentication with SAML SSO if it breaks when upgrading to firmware v7.4.1. Scope FortiGate v7.4.1. Solution This is known as issue 949699.See the known issues section for this release in its r...

dbu · 10-11-2023

Description This article describes how to install and configure SSO MA with FortiAuthenticator as a collector agent. Scope SSO MA, FortiAuthenticator, Domain joined Microsoft Windows. Solution Complete these steps to install from the GUI and command ...

dbu · 10-03-2023

Description This article describes how to configure a self-service portal with local and remote Sponsor groups. Scope FortiAuthenticator v6.5.3, LDAP. Solution In this scenario, there are two groups of Sponsors, one locally defined on the FortiAuthen...

dbu · 09-20-2023

Description This article describes the migration of the FortiAuthenticator-VM to a new FortiAuthenticator-VM and what is the token behavior after migration. Scope FortiAuthenticator VM 6.5.3 Solution There are two main VM migration types: Same platfo...

dbu · 09-20-2023

Description This article describes a possible workaround for FSSO authentication from Windows 11 clients. Scope Windows 11. Solution There are two issues observed with FSSO authentication after users upgrade to Win11. Starting in Windows 11, version ...

dbu · 12-04-2023

Hi @MHRNetwork , Here are your answers: 1-Yes it is possible 2-There will not be any impact if you create new test user,group,server ect only for this purpose without overlapping with existing working configuration . 3.Here is the guide: https://docs...

dbu · 12-04-2023

Hello @lpi ,You can check further debugs by going to https:///debug/ > Choose "RADIUS Authentication" > Click button "Enter debug" Reproduce the issue again and the debug will show more outputs regarding this authentication request. Since both LDAP s...

dbu · 12-04-2023

hi @welma , There is an option under SSL VPN settings to restrict access to specific hosts. Double check the FGT configuration under the SSL VPN setting > Restrict Access . What is the choosen option there allow all host or specify hosts ? If specifi...

dbu · 12-03-2023

Regarding the message "redirect mismatch, drop" It means that an old session already existed in the browser and the new request is dropped. It can be disabled it with : Config system global set strict-dirty-session-check disable end

dbu · 12-03-2023

Good to hear that you found the workaround for your situation. 

Fortinet Community

User Statistics

User Activity

Troubleshooting Tip: Admin authentication with SAML SSO breaks after upgrade to firmware 7.4.1

Technical Tip: FortiAuthenticator SSO Mobility Agent (SSOMA) installation and configuration

Technical Tip: FortiAuthenticator self-register portal with Sponsor approval

Technical Tip: FortiAuthenticator-VM migration

Technical Tip: Authentication with FSSO breaks after upgrading to Windows 11 22H2

Re: Fortigate 200F integrate with Okta - SSL VPN

Re: Fortiauthenticator and agent not working with second LDAP server.

Re: Cannot connect to VPN from other sites.

Re: redirect mismatch, drop

Re: Management port ip

Re: Fortiauthenticator and agent not working with ...

Re: User of crossover cables on FortiGate HA for h...

Re: Captive portal Authentication with Google

Re: redirect mismatch, drop

Re: redirect mismatch, drop

Re: redirect mismatch, drop

Re: Custmized local in policy doesn't work

Re: FortiGate won't let standalone switch be a sta...

Re: Fortiguard SDNS Blocked Page for Exempt URL

Re: SAML with SSL VPN Issues

KCS