Description This article describes how to fix the admin authentication
with SAML SSO if it breaks when upgrading to firmware v7.4.1. Scope
FortiGate v7.4.1. Solution This is known as issue 949699.See the known
issues section for this release in its r...
Description This article describes how to install and configure SSO MA
with FortiAuthenticator as a collector agent. Scope SSO MA,
FortiAuthenticator, Domain joined Microsoft Windows. Solution Complete
these steps to install from the GUI and command ...
Description This article describes how to configure a self-service
portal with local and remote Sponsor groups. Scope FortiAuthenticator
v6.5.3, LDAP. Solution In this scenario, there are two groups of
Sponsors, one locally defined on the FortiAuthen...
Description This article describes the migration of the
FortiAuthenticator-VM to a new FortiAuthenticator-VM and what is the
token behavior after migration. Scope FortiAuthenticator VM 6.5.3
Solution There are two main VM migration types: Same platfo...
Description This article describes a possible workaround for FSSO
authentication from Windows 11 clients. Scope Windows 11. Solution There
are two issues observed with FSSO authentication after users upgrade to
Win11. Starting in Windows 11, version ...
Regarding the message "redirect mismatch, drop" It means that an old
session already existed in the browser and the new request is dropped.
It can be disabled it with : Config system global set
strict-dirty-session-check disable end
Hi @AEK When a packet comes to a FortiGate and FortiOS and it can't find
an existing session for it, although it is expected that it has to be
already in place it shows unknown0 as source interface. Have a look here
for more information:
https://comm...
Thank you for clarifying. It looks like when the google authentication
policy is enabled it overlaps with some FQDN that android needs to check
regarding the captive portal. If android in your case is using HTTP to
perform his checks you can try a po...
