Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
crdmt
New Contributor

FSSO Agent Based, is Traffic secure from agent to collector to Fortigate?

Hi,

 

We have setup FSSO using the DC agent based method and have a collector Agent connected to our Fortigate. All working as per the documentation.

 

However we have been asked a simple question that I can't find a clear answer on so far.

 

Is the traffic sent from the DC Agents to the Collector Agent encrypted/secure? Also the same for the traffic from the Collector Agent to the Fortigate?

 

The docs mention the ports used;

 

DC Agent keepalive and push logon info to CAUDP/8002CA keepalive and push logon info to FortigateTCP/8000

 

We need to tick off that the traffic, as it contains user information is not floating through the network in a way that could be compromised.

 

Anyone have an insight in to this, it would be interesting and big help.

Thanks,

CD

1 REPLY 1
OneOfUs
New Contributor III

I am uncertain, however you if you can run a mirror port / and or packet capture on the uplinked switch you should be able to see if the traffic on tcp/8000 udp/8002 is encapsulated.

Labels
Top Kudoed Authors