3rd-Party Servers Open Ports

3rd-Party Servers Open Ports Incoming Ports Purpose Protocol/Port FortiAnalyzer LDAP & PKI Authentication TCP/389, UDP/389 Log & Report TCP/21, TCP/22 Configuration Backups TCP/22 Alert Emails TCP/25 DNS UDP/53 NTP UDP/123 SNMP Traps UDP/162 Report Query TCP/389 Syslog & OFTP TCP or UDP/514 RADIUS UDP/1812 3rd-Party Servers Incoming Ports Purpose Protocol/Port FortiAuthenticator SMTP, Alerts, Virus Sample […]

Examples and Troubleshooting

Examples and Troubleshooting This chapter provides an example of a FortiGate unit providing authenticated access to the Internet for both Windows network users and local users. The following topics are included in this section: Firewall authentication example LDAP Dial-in using member-attribute example RADIUS SSO example Troubleshooting Firewall authentication example Example configuration Overview In this example, […]

Monitoring authenticated users

Monitoring authenticated users This section describes how to view lists of currently logged-in firewall and VPN users. It also describes how to disconnect users. The following topics are included in this section: Monitoring firewall users Monitoring SSL VPN users Monitoring IPsec VPN users Monitoring users Quarantine Monitoring firewall users To monitor firewall users, go to […]

Agent-based FSSO

Agent-based FSSO FortiOS can provide single sign-on capabilities to Windows AD, Citrix, Novell eDirectory, or, as of FortiOS 5.4, Microsoft Exchange users with the help of agent software installed on these networks. The agent software sends information about user logons to the FortiGate unit. With user information such as IP address and user group memberships […]

Single Sign-On using a FortiAuthenticator unit

Single Sign-On using a FortiAuthenticator unit If you use a FortiAuthenticator unit in your network as a single sign-on agent, Users can authenticate through a web portal on the FortiAuthenticator unit. Users with FortiClient Endpoint Security installed can be automatically authenticated by the FortiAuthenticator unit through the FortiClient SSO Mobility Agent. The FortiAuthenticator unit can […]

Certificate-based authentication

Certificate-based authentication This section provides an overview of how the FortiGate unit verifies the identities of administrators, SSL VPN users, or IPsec VPN peers using X.509 security certificates. The following topics are included in this section: What is a security certificate? Certificates overview Managing X.509 certificates Configuring certificate-based authentication Support for per-VDOM certificates Certificate-based authentication […]