Hi, in 9:58 you add *all, in my network we have an captive portal and when i add *all its bypass all the conections. I want to login in computer with ldap user and the internet access will be released, in my scenario i'll have website blocks acording with the user. do you have an alternative way to do this ?
Hi, no they will not allow , all means all ip addresses and specific user can have any ip address. When you put all and user , just that user can forward traffic from that policy
hi, thanks for this video :) is the fsso fabric connector collect real time group/ou/users from the AD, let say after 1 month there are new users created on the AD or groups added will automatically updated also on the firewall?
Hello, I have a question, I want to integrate FSSO with my main active directory and two replicas, for users with Windows and MAC computers, could you recommend which configuration should be managed, because I have installed it in agent mode on the three domain controllers but Users with MAC computers are not displayed in the collector of any domain controller.
@@sinaonline, yes, the domain users authenticate seamlessly to MAC devices, I checked in the active directory security event viewer and only observed the mac computer login, but not the authenticating user.
detailed differences included in this document : community.fortinet.com/t5/FortiGate/Technical-Tip-FSSO-choose-between-DC-Agent-mode-or-Polling-mode/ta-p/252651
What would be the issue if the no user is showing for "show connected user" even though it was working before and the agent status us showing as connected.
hi , as i know we can not install any agent on azure AD , azure AD just provide SaaS for manage users. i think its not possible to intergrate fortigate and azure AD.
I'm interested in video how to setting rsso firewall integration with NPS server. I want to see setup “Radius Attribute Value” connect to radius nps server and show user login rsso
Hi, in 9:58 you add *all, in my network we have an captive portal and when i add *all its bypass all the conections.
I want to login in computer with ldap user and the internet access will be released, in my scenario i'll have website blocks acording with the user.
do you have an alternative way to do this ?
Very usefull, again great job!!!
🙏
thank you for the video, Can we install the agent on a different VM than the Active Directory and open flows between them?
excellent
Thank you 🙏
Hai
I have a doubt is that adding all 9:46 is necessary for creating rule. If we add all in there is it bypass the rules or its working as one rule.
Hi, can describe more details about your problem?
Thx a lots. God bless you
your welcome , if you like videos please subscribe to my channel and share with friends
Very Good
Thank you! Cheers!
HI Sir, when you put all and the user account in the source while creating the policy, it will not allow all users?
Hi, no they will not allow , all means all ip addresses and specific user can have any ip address. When you put all and user , just that user can forward traffic from that policy
hi, thanks for this video :)
is the fsso fabric connector collect real time group/ou/users from the AD, let say after 1 month there are new users created on the AD or groups added will automatically updated also on the firewall?
Hi , thats not realtime but you can change refresh intervals. Please subscribe to my channel and share with your friend
@@sinaonlinethank you will just try to simulate this
Already subscribe 👍
Hello, I have a question, I want to integrate FSSO with my main active directory and two replicas, for users with Windows and MAC computers, could you recommend which configuration should be managed, because I have installed it in agent mode on the three domain controllers but Users with MAC computers are not displayed in the collector of any domain controller.
hi, does your mac users authenticated from ad?
@@sinaonline, yes, the domain users authenticate seamlessly to MAC devices, I checked in the active directory security event viewer and only observed the mac computer login, but not the authenticating user.
MAC means “media access control” and relates to the OSI Model. Did you possibly mean Macintosh computers?
@@mitchellsmith4601 in this scenario mac is Macintosh
What's the difference between polling mode and DC agent?
detailed differences included in this document : community.fortinet.com/t5/FortiGate/Technical-Tip-FSSO-choose-between-DC-Agent-mode-or-Polling-mode/ta-p/252651
What would be the issue if the no user is showing for "show connected user" even though it was working before and the agent status us showing as connected.
hi, can you describe with details?
Can I integrate to Azure AD instead Windows Server AD? We want to get rid from Server on premise, and use only Azure Cloud to manager our users.
hi , as i know we can not install any agent on azure AD , azure AD just provide SaaS for manage users. i think its not possible to intergrate fortigate and azure AD.
Sir, please make a video on windows DHCP server integration with FortiGate firewall.
Hi, i will do that as soon as possible, can you tell what exactly do you want to see in that video?
I'm interested in video how to setting rsso firewall integration with NPS server. I want to see setup “Radius Attribute Value” connect to radius nps server and show user login rsso
hi , that is great subject , i will record a video related to your question as soon as possible
hi , i have uploaded new video related to this topic , you can see that , have a good day
@@sinaonline Thx
what is the purpose of the music in the video?
what you mean?
Dude can’t no one understand you. Can you speak proper English? Maybe edit and have a dub created?????
Thanks for your useful comment, i will pay attention to this.
Very good