FortiAuthenticator Open Ports Outgoing Ports Purpose Protocol/Port FortiGate RADIUS UDP/1812 FSSO TCP/8000 FortiGuard AV/IPS Updates TCP/443 Virus Sample TCP/25 SMS, FTM, Licensing, Policy Override Authentication, URL/AS Updates TCP/443 Registration TCP/80 FortiAuthenticator Open Ports Incoming Ports Purpose Protocol/Port Others SSH CLI TCP/22 Telnet TCP/23 HTTP & SCEP TCP/80 SNMP Poll UDP/161 […]
FortiAuthenticator Open Ports Diagram
Using FortiAuthenticator To Perform Account Self Service For AD I was asked a question on the FortiAuthenticator 4.0 Admin Guide about whether or not the FortiAuthenticator was needed in order for a FortiGate to communicate and authenticate with Windows Active Directory. The answer to that question is a resounding “NO” […]
Filter Syntax This chapter outlines some basic filter syntax that is used to select users and groups in LDAP User Import, Dynamic LDAP Groups, and Remote User Sync Rules. Filters are constructed using logical operators: = Equal to ~= Approximately equal to <= Lexicographically less than or equal to >= […]
Troubleshooting This chapter provides suggestions to resolve common problems encountered while configuring and using your FortiAuthenticator device, as well as information on viewing debug logs. For more support, contact Fortinet Customer Service & Support (support.fortinet.com). Before starting, please ensure that your FortiAuthenticator device is plugged in to an appropriate, and […]
Logging Accounting is an important part of FortiAuthenticator. The Logging menu tree provides a record of the events that have taken place on the FortiAuthenticator unit. Log access To view the log events table, go to Logging > Log Access > Logs. The following options and information are available: Refresh […]
Certificate Management This section describes managing certificates with the FortiAuthenticator device. FortiAuthenticator can act as a CA for the creation and signing of X.509 certificates, such as server certificates for HTTPS and SSH, and client certificates for HTTPS, SSL, and IPSEC VPN. The FortiAuthenticator unit has several roles that involve […]
RADIUS Single Sign-On A FortiGate or FortiMail unit can transparently identify users who have already authenticated on an external RADIUS server by parsing RADIUS accounting records. However, this approach has potential difficulties: The RADIUS server is business-critical IT infrastructure, limiting the changes that can be made to the server configuration. […]
