Description This article describes best practices for hardening the
FortiAuthenticator. Scope FortiAuthenticator all versions. FortiGate
configuration is referred to in parts. Solution General considerations:
FortiAuthenticator can act as a server fo...
Description This article describes digital certificates and explains the
use and validation of them. Certificates come with the use of the Secure
Sockets Layer (SSL) or its successor, Transport Layer Security (TLS,
latest version 1.3). Certificates a...
Description The LCD shows the error 'SWC5008 Critical'. SWC5007 might
also be displayed. According to this forum thread of Dell, this is
related to a communication issue with the left front Panel, either by
physical connectivity problems, so check th...
DescriptionThis article describes how to configure FortiNAC as a RADIUS
proxy.This can be useful in case of implementing wired or wireless
802.1x authentication.Related
link:https://docs.fortinet.com/document/fortinac/8.6.0/administration-guide/21455...
Description This article describes how to configure FortiNAC and
FortiGate to poll the sessions to FortiNAC.Related
link:https://docs.fortinet.com/document/fortinac/8.6.0/administration-guide/473911/firewall-session-polling
Normal 0 false false false...
Additionally, you can always see it here inside the FortiCare support
platform: https://support.fortinet.com/Information/ProductLifeCycle.aspx
for every model, hardware and software.
what DID the packet capture say? Are the packets forwarded or not? If
not, need to investigate why not (policy missing etc) If yes, need to
investigate where the packets are leaving and if the recipient is
receiving them. Best regards, Markus
Hi scheuri, there is no command to test the keytab. We often follow a
certain guide by the word, and usually Kerberos just works fine.
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/926128/kerberos
You can use a few things to test what t...
Hi SkeletonManGabe, the old environment worked fine, I guess the new is
basically the same, but the XenApp and FAC Agents are having different
versions, correct? Check with the installation folder of the agent, it
has logs that are often useful. Typi...
Agreed, the OpenSSL output header on the exact chain received may be
important. Staying with the given example, google 0 s:CN =
www.google.com i:C = US, O = Google Trust Services LLC, CN = GTS CA 1C3
a:PKEY: id-ecPublicKey, 256 (bit); sigalg: RSA-SHA...