Does anyone ever get a popup that just counts down to nothing, and you cannot connect to any ZTNA destinations? I normally get the popup once, do my SAML authentication, along with MFA against the FortiAuthenticator. Then everything works and I am good. Occasionally I get this timer that just counts down until 0.
This time I had to actually reboot the primary FortiGate in the HA pair. Once the secondary took over, everything worked again.
FortiGate 1500D 7.2.5
EMS 7.2.1
FortiClient 7.2.1
I think it has something to do with user group timeouts and something with wad users. "diag wad user list" shows that it doesn't expire, but I have the SAML authentication timeout set at 960 in both the FortiAuthenticator and in the user group settings on the FortiGate for my SAML group.
I got into the FortiGate and did a "diag wad user clear ID IP VDOM" and then was immediately able to connect again. How do I set the user sessions to expire either on idle or when the user closes their last ZTNA session?