Chapter 5 – Authentication

5-2 FSSO

Learning Objectives

  • Install FSSO Agent on Windows Server
  • Configure FSSO

 

Scenario: FSSO stands for Fortinet Single Sign-On. It lets users log in to the network with a single set of credentials. In this scenario, we focus on agent-based FSSO and install the agent on Windows Server. Then, whenever anyone logs in through Active Directory, we can track them through the FortiGate Logs and Events.

1- In this scenario, we are going to join Windows 10 to the Active Directory that we have already set up. The domain controller name is Hamid.local. First, we will join Windows 10 to the domain controller.

Figure 5-12: Step 1- Join Windows to the Active Directory

 

Figure 5-13: Step 2- Enter Domain name

Figure 5-14: Step 3- Enter username and password of AD administrator

2- Install FSSO Agent on the AD server.

Figure 5-15: Step 1- Install FSSO Agent

Figure 5-16: Step 2- Install FSSO Agent

The password you set here for the agent is going to be used in the FortiGate firewall when you want to connect to the FSSO Agent.

Figure 5-17: Step 3- Configure FSSO Agent

3- In the FortiGate firewall, go to Security Fabric > External Connectors > FSSO Agent on Windows AD.

Figure 5-18: set external connectors

Enter the same password you have set in step 2.

Figure 5-19: Set FSSO Agent settings

Figure 5-20: FSSO Agent status

4- You should now be able to connect to the FSSO Agent, and you can verify the status of the external connector.

5- Verify your configuration by going to Log & Report > Events > User Events.

Figure 5-21: FSSO event logs

6- After connecting to the Agent, you should be able to see users and groups in AD when you are creating a new user.

Figure 5-22: Verify configuration
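
To review the user events from step 5 offline, the added example below (not part of the original chapter) replays exported event lines and rebuilds the IP-to-user mapping that FSSO gives the firewall, noting every time a logon replaces a different user on the same IP. The sample lines are constructed, and the field names and values (`subtype`, `srcip`, `user`, `action` set to `FSSO-logon` or `FSSO-logoff`) are assumptions to check against your own FortiGate's exported log.

```python
import re

# key=value pairs; a value is either double-quoted or a bare token.
KV = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

# Constructed sample lines (not taken from a real device). Field names and
# action values are assumptions; compare them with your own exported log.
SAMPLE = [
    'date=2024-01-10 time=09:00:01 type="event" subtype="user" srcip=10.0.1.21 user="ALICE" action="FSSO-logon"',
    'date=2024-01-10 time=09:05:12 type="event" subtype="user" srcip=10.0.1.22 user="BOB" action="FSSO-logon"',
    'date=2024-01-10 time=09:30:40 type="event" subtype="system" user="admin" action="login"',
    'date=2024-01-10 time=10:02:03 type="event" subtype="user" srcip=10.0.1.21 user="CAROL" action="FSSO-logon"',
    'date=2024-01-10 time=10:15:00 type="event" subtype="user" srcip=10.0.1.22 user="BOB" action="FSSO-logoff"',
]


def parse_line(line):
    """Turn one key=value log line into a dict, unquoting quoted values."""
    return {key: (quoted or bare) for key, quoted, bare in KV.findall(line)}


def track_sessions(lines):
    """Replay FSSO events in order.

    Returns (active, overwrites): active maps source IP to the user currently
    bound to it; overwrites lists (time, ip, old_user, new_user) for each
    logon that replaced a different user without a logoff in between.
    """
    active, overwrites = {}, []
    for line in lines:
        ev = parse_line(line)
        # Only user events that carry a source IP affect the mapping.
        if ev.get("subtype") != "user" or "srcip" not in ev:
            continue
        ip, user, action = ev["srcip"], ev.get("user", ""), ev.get("action")
        if action == "FSSO-logon":
            prev = active.get(ip)
            if prev and prev != user:
                overwrites.append((ev.get("time", ""), ip, prev, user))
            active[ip] = user
        elif action == "FSSO-logoff" and active.get(ip) == user:
            del active[ip]
    return active, overwrites


if __name__ == "__main__":
    sessions, replaced = track_sessions(SAMPLE)
    print("active:", sessions)
    print("replaced without logoff:", replaced)
```

An overwrite without a logoff usually means a shared workstation or a stale mapping, which matters when firewall policies are written per user or group.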
