Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
hhasny
Staff
Staff

Created on ‎12-03-2023 11:10 PM

Article Id 287319

Technical Tip: Users are not matching the firewall policy that has active authentication

Description This article discusses the scenario when users do not match the firewall policy that has active authentication.
Scope

Active authentication means that users are prompted to manually enter their credentials before being granted access.

When there are mixing policies with non-active authentication policies, users would meet these non-authentication policy instead which is expected.

 

Firewall Policy with Non Active AuthFirewall Policy with Non Active Auth
Solution

It is necessary to enable authentication on all policies for it to match the correct policy:

 

Firewall Policy with All Active AuthFirewall Policy with All Active Auth

 

Alternatively, consider using passive authentication i.e FSSO.

 

330
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.