fortinet100e single signon


#1

how to set up single signon in fortinet 100e ?


#2

Hello!


Could you be a little more specific with your question? Do you want to poll multiple fortinet devices with Indeni using the same credentials?


#3

this one for you guys


#4

Hi , I'm assuming you are attempting to enable FSSO (Fortinet Single Sign-On) for web content filtering. If that is not the case, please let me know. This configuration can be dependent on the firmware version you are running, however the following Fortinet Cookbook Recipe will likely have the relevant configuration for the version you are running.


v5.2.x

http://cookbook.fortinet.com/providing-single-sign-using-ldap-fsso-agent-advanced-mode-expert/


v5.4.x

http://cookbook.fortinet.com/single-sign-using-ldap-fsso-agent-advanced-mode-expert/


Take a look at this and feel free to come back with additional questions.


#5

Hi,

Please see the below URL on how to configure FSSO on fortigate:


https://docs.fortinet.com/uploaded/files/1675/providing-Single-Sign-On-for-Windows-AD-with-a-FortiGate.pdf


There are two modes that we can use with FSSO: DC agent mode and polling mode. DC agent mode is recommended because the polling agent mode will poll AD server for user login information which will spike up the load on Fortigate (Performance issues). On DC agent mode, Collector agent will poll the AD server for the user login information and will send the details to the Fortigate. When we have more than 50 users to authenticate against FSSO, its better to go for DC agent mode.


Please let me know if you need more expalnation about how each mode works and provide us your requirement.