Authentication issue in FAC and firewall

Author
sandytechie
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/08/19 06:22:14
  • Status: offline
2019/08/19 06:41:16 (permalink)
0

Authentication issue in FAC and firewall

Hi Guys
 
we are configuring a New setup here we have fortigate firewall, FAC and OUR AD and now we have planned to dynamically assign VLAN based ON users which is in AD now as a Test we created a Local User and in FAC itself and tested for Local User 
and it is successfully assigning Vlan and IP based on it as the configuration in Attribute is done.
 
Now we have configured the Remote Sync server and the FAC is now sync with our AD and we imported all the Users from AD
 
Now we have configured and when we configured with the proper configuration referring all the Documents we found that the SSID is shown and when we login we see that we are getting cant connect to the network error.
 
we tried all possible ways and we are working with TAC also still no positive update Any one please give us solution.
 
#1

1 Reply Related Threads

    xsilver_FTNT
    Expert Member
    • Total Posts : 437
    • Scores: 93
    • Reward points: 0
    • Joined: 2015/02/02 03:22:58
    • Status: offline
    Re: Authentication issue in FAC and firewall 2019/08/23 00:27:21 (permalink)
    0
    Hi,
    if I got it correctly then now you tested authentication via FAC with synced users, but user is not getting VLAN assigned properly, right ?
     
    If so, then if you do sniff RADIUS Access-Accept (I still believe your user authenticates correctly, and so is accepted), then does that Accept contains proper AVP ? If not, then check group where do you sync the users into from AD/LDAP. Also, that group has to be in RADIUS Client config, otherwise the AVP assigned to group will not be inherited to authenticated user.

    Kind Regards,
    Tomas
    #2
    Jump to:
    © 2019 APG vNext Commercial Version 5.5