Hot!Dual connection wireless & wired dock

Author
scerazy
Gold Member
  • Total Posts : 173
  • Scores: 2
  • Reward points: 0
  • Joined: 2009/12/22 14:09:01
  • Status: offline
2019/04/24 04:06:41 (permalink)
0

Dual connection wireless & wired dock

I noticed that if user logs in to AD on wireless & then connects a dock (wireless is going to off at this point), user no longer seems to be authenticated by DC Agent & internet access fails (as my Policy drops all access if non authenticated user)
 
Any idea if that behavior can be adjusted?
 
My DC Agent Timers are: workstation verify interval 5 min, dead entry 480 min, ip address change 60 sec
 
Seb
#1

6 Replies Related Threads

    Alivo_ FTNT
    Silver Member
    • Total Posts : 71
    • Scores: 22
    • Reward points: 0
    • Joined: 2013/04/30 12:42:47
    • Location: Fortinet TAC Prague
    • Status: offline
    Re: Dual connection wireless & wired dock 2019/04/24 05:52:00 (permalink)
    0
    Hello Seb,
     
    This is answered in this post:

    https://forum.fortinet.com/tm.aspx?m=126175
     
    Alivo
    #2
    scerazy
    Gold Member
    • Total Posts : 173
    • Scores: 2
    • Reward points: 0
    • Joined: 2009/12/22 14:09:01
    • Status: offline
    Re: Dual connection wireless & wired dock 2019/04/24 06:12:19 (permalink)
    0
    Well, not really, over there there is Collector mention & I use DC Agent in DC mode installed directly on DCs
    #3
    Alivo_ FTNT
    Silver Member
    • Total Posts : 71
    • Scores: 22
    • Reward points: 0
    • Joined: 2013/04/30 12:42:47
    • Location: Fortinet TAC Prague
    • Status: offline
    Re: Dual connection wireless & wired dock 2019/04/25 02:25:05 (permalink)
    0
    Hello,
    Do you use FortiAuthenticator?
    If not then you have to have Collector Agent(s) In DC Agent mode which communicates to FortiGate while DC Agent communicates to Collector Agent(s) .
     
    post edited by Alivo_ FTNT - 2019/04/25 02:26:22

    Attached Image(s)

    #4
    scerazy
    Gold Member
    • Total Posts : 173
    • Scores: 2
    • Reward points: 0
    • Joined: 2009/12/22 14:09:01
    • Status: offline
    Re: Dual connection wireless & wired dock 2019/04/25 02:30:04 (permalink)
    0
    No, I do not use FortiAuthenticator
     
    I do have two DC Agents DCAgent_Setup_5.0.0276_x64.msi that communicate with Fortigate
     
    Yes, like in the picture!
     
    But I do NOT have [HKEY_LOCAL_MACHINE\software\fortinet\fsae\collectoragent]
     
    I have [HKEY_LOCAL_MACHINE\software\fortinet\fsae\dcagent]
     
     
    post edited by scerazy - 2019/04/25 02:31:45
    #5
    Alivo_ FTNT
    Silver Member
    • Total Posts : 71
    • Scores: 22
    • Reward points: 0
    • Joined: 2013/04/30 12:42:47
    • Location: Fortinet TAC Prague
    • Status: offline
    Re: Dual connection wireless & wired dock 2019/04/25 02:36:42 (permalink)
    0
    Ok,
    DC Agents do not communicate with FortiGate, they communicate with Collector Agent(s) that send user info
    to FortiGate. The previous image is the Collector Agent, this picture is DC Agent that can communicate only with above mentioned Collector Agent.

    The registry path is:
    HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Fortinet\FSAE\collectoragent
    post edited by Alivo_ FTNT - 2019/04/25 02:37:45

    Attached Image(s)

    #6
    scerazy
    Gold Member
    • Total Posts : 173
    • Scores: 2
    • Reward points: 0
    • Joined: 2009/12/22 14:09:01
    • Status: offline
    Re: Dual connection wireless & wired dock 2019/04/25 02:41:32 (permalink)
    0

     
    I have never ever seen the other screen
     
    I have only seen Install DC Agent or Uninstall DC Agent GUIs
     
    OK, I see the value DNSlookupinterval, which in fact is the GUI IP Address Change verify interval, so I reduced it to 5 & will see what happens
     
    Seb
    post edited by scerazy - 2019/04/25 03:04:17
    #7
    Jump to:
    © 2019 APG vNext Commercial Version 5.5