Description This article describes detailed installation steps for a
standalone FSSO Mobility Agent. Scope FortiClient, FSSO Mobility Agent.
Solution FortiClient offers an FSSO mobility agent as part of its
feature set. The FSSO mobility agent is abl...
Description This article covers some frequently asked questions
regarding FortiAuthenticator licensing and expands on these documents:
Licensing - FortiAuthenticator administration guide. Maximum values for
hardware appliances - FortiAuthenticator re...
Description This article describes how to resolve the error 'Included
profile file could not be read' when trying to join FortiNAC to a domain
under Network -> RADIUS -> 'Winbind' Tab. Scope FortiNAC. Solution
FortiNAC can sometimes, when trying to j...
Description This article provides a basic understanding of certificates
and some basic troubleshooting steps for a wide variety of certificate
issues. Scope FortiOS. Solution FortiGate uses certificates in various
different ways, and will need to int...
Description This article describes what CLI settings are necessary to
allow FortiGate to submit SSLVPN credentials automatically in an SSLVPN
bookmark. Scope FortiOS. Solution SSL VPN web mode allows the creation
of bookmarks. The bookmarks can point...
Hey piaakit, you can either make the setting during initial
configuration of HA (before the cluster is actually formed) and then the
secondary will remain available on the reserved management interface. If
you already formed the cluster, you can do t...
Hey, the Fortinet Developer Network includes an option to validate API
requests, and I checked your snippet above against it - it looks like
you have an extra closing bracket '}' in there. Once I removed that, it
came back fine. Can you check that th...
Hey hodoknaru, if you're doing passive authentication (FSSO or RSSO I
assume?), then the IP information is picked up from whatever
authentication FortiProxy (or Collector Agent) detects in the first
place. Do the users actually arrive at FortiProxy w...
Hey Kubajs, I'm not sure if NPS login activity on a Windows Server can
be picked up with FSSO; FSSO uses either lsass.exe (domain pcs use this
to authenticate their users, essentially) or polls event logs on Domain
Controllers (usually events generat...
Hey Nitish, a maybe stupid question, but can you please double-check: -
in your configuration, you have an authentication rule snippet -> these
are used for explicit proxy and ZTNA, not regular firewalll policies ->
for authentication in regular fire...