Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
tanr
Valued Contributor II

FortiAuthenticator 4.3.0 (build 0216) firmware is out

Looks like FortiAuthenticator 4.3.0 (build 0216) firmware is out.

 

Per release notes, it now allows you to turn off FTM push notifications for radius users.  There are a number of bug fixes, including better logging and reports of push notifications.

 

Unfortunately for me, "Known Issues" still lists the bug I ran into with EAP, and a possibly related one:

 

  375401 Password authentication fails for admins in EAP.   392437 SSH FAC login fails using CHAP/MS.CHAP/MS.CHAPv2 authentication to Cisco ACS remote RADIUS users.

Anybody upgraded to 4.3.0 yet?  I'd like to not be the first this time!

1 Solution
tanr
Valued Contributor II

Heh, they already released 4.3.1.  Looks like they may have caught and fixed the bug you describe, sergey.

 

412109 Fixed issue regarding user names having mixed capitalization after synchronization with remote LDAP server. This fix addressed users being authenticated without being prompted for a FortiToken code.

View solution in original post

5 REPLIES 5
ergotherego
Contributor II

I am going to wait until 4.3.1 is out. But I am excited about the ability to use wildcards/subnets for RADIUS client IP. Will enable us to consolidate other RADIUS servers into just the FACs.

sergey

4.3.0 have problem with LDAP logins which have capital letters.

 

Setup: AD -> FA -> Netscaler:

users who are having LDAP login with the capital letters in the login name are unable to login.

 

Error message:

Remote LDAP user authentication with no token failed: NAS forces two-factor auth but user token not defined

 

Checkbox about "Remote RADIUS usernames are case sensitive" is unset

 

PLEASE FIX!

tanr
Valued Contributor II

@sergey,

 

Have you created a support ticket for this?  If not, please do so and report the bug!

This is just a discussion forum.

 

Thanks!

tanr
Valued Contributor II

Heh, they already released 4.3.1.  Looks like they may have caught and fixed the bug you describe, sergey.

 

412109 Fixed issue regarding user names having mixed capitalization after synchronization with remote LDAP server. This fix addressed users being authenticated without being prompted for a FortiToken code.

sergey
New Contributor

@tanr,

 

Yes, my issue was fixed.

Labels
Top Kudoed Authors