?
Solved

Users are not getting internet

Posted on 2015-02-23
3
Medium Priority
?
50 Views
Last Modified: 2016-06-01
I have created two different domain as member domain servers in different networks and with different network firewall. We are facing issues that most of the users are not getting authenticated on Fortigate single sign on agent which is installed on both DCs. and thats why they are not getting internet. As we stop the connectivity or tunnel link between these networks, users can access internet.

I have two networks and i have two domains with server  2003 and another with 2012 R2 server. We are using Fortigte 100D firewall.

-Abhijit
For Infrasoft Technologies.
0
Comment
Question by:syinfra
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 2000 total points
ID: 40625838
As you have stated this is something very specific with your Fortinet appliance. I am not sure how much assistance you will get here unless someone has experience with this SSO feature as well.

I would suggest checking the Logs on the DC's and also the Fortinet box as well to see what is being blocked.

I would also recommend using something like Wireshark to see the packet captures for a workstation when the SSO is enabled.

Will.
0
 
LVL 4

Expert Comment

by:bominthu
ID: 40626251
I have 100D. Could you share the Fortigate config ? I can have a look what is denying access to internet.
0
 

Author Comment

by:syinfra
ID: 40635559
I have configured deny rules on both sides of network firewall, not to logon on remote Domain server. Only logon to local domain server. users who are facing issues regarding internet, they are logging on to remote domain server. i.e. user from 172.25.X.X subnet is logged on to 172.21.X.X domain server.
0

Featured Post

Bringing Advanced Authentication to the SMB Market

WatchGuard announces the acquisition of advanced authentication provider, Datablink, with one mission – to bring secure authentication to SMB, mid-market, and distributed enterprises with a cloud-based solution, ideal for resale via their established channel & MSSP community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses
Course of the Month15 days, 8 hours left to enroll

741 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question