?
Solved

Users are not getting internet

Posted on 2015-02-23
3
Medium Priority
?
60 Views
Last Modified: 2016-06-01
I have created two different domain as member domain servers in different networks and with different network firewall. We are facing issues that most of the users are not getting authenticated on Fortigate single sign on agent which is installed on both DCs. and thats why they are not getting internet. As we stop the connectivity or tunnel link between these networks, users can access internet.

I have two networks and i have two domains with server  2003 and another with 2012 R2 server. We are using Fortigte 100D firewall.

-Abhijit
For Infrasoft Technologies.
0
Comment
Question by:syinfra
3 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 2000 total points
ID: 40625838
As you have stated this is something very specific with your Fortinet appliance. I am not sure how much assistance you will get here unless someone has experience with this SSO feature as well.

I would suggest checking the Logs on the DC's and also the Fortinet box as well to see what is being blocked.

I would also recommend using something like Wireshark to see the packet captures for a workstation when the SSO is enabled.

Will.
0
 
LVL 4

Expert Comment

by:bominthu
ID: 40626251
I have 100D. Could you share the Fortigate config ? I can have a look what is denying access to internet.
0
 

Author Comment

by:syinfra
ID: 40635559
I have configured deny rules on both sides of network firewall, not to logon on remote Domain server. Only logon to local domain server. users who are facing issues regarding internet, they are logging on to remote domain server. i.e. user from 172.25.X.X subnet is logged on to 172.21.X.X domain server.
0

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question