Manuals / Fortinet / Computer Equipment / Network Card

Fortinet FSAE manual Configuring Fsae on Windows AD

Models: FSAE

1 20
Download 20 pages 17.14 Kb
Page 8
Image 8

Configuring FSAE on Windows AD

Using FSAE on your network

9Select Next and then select Install.

10When the FSAE InstallShield Wizard completes, ensure that Launch DC Agent Install Wizard is enabled and select Finish.

The FSAE - Install DC Agent wizard starts.

11Check the Collector Agent IP address.

If the Collector Agent computer has multiple network interfaces, ensure that the one that is listed is on your network. The listed Collector Agent listening port is the default. You should change this only if the port is already used by some other service.

12Select Next.

13Check the list of trusted domains and select Next.

If any of your required domains are not listed, cancel the wizard and set up the proper trusted relationship with the domain controller. Then run the wizard again by going to Start > Programs > Fortinet >

Fortinet Server Authentication Extension > Install DC Agent.

14Optionally, select users that you do not want the DC Agent to monitor logon status for. These users will not be able to authenticate to FortiGate units using FSAE. You can also do this later. See “Configuring FSAE on Windows AD” on page 8.

15Select Next.

16Optionally, clear the check boxes of domain controllers on which you do not want to install the FSAE DC Agent.

17Select Next.

18Select Yes when the wizard requests that you reboot the computer.

Note: If you reinstall the FSAE software on this computer, your FSAE configuration is replaced with default settings.

If you want to create a redundant configuration, repeat this procedure on at least one other domain controller.

Note: When you start to install a second collector agent, when the Install Wizard dialog appears the second time, cancel it. From the configuration GUI, the monitored domain controller list should show your domain controllers unselected. Select the ones you wish to monitor with this collector agent, and click Apply.

Before you can use FSAE, you need to configure it on both Windows AD and on the FortiGate units. See the next section, “Configuring FSAE on Windows AD”, and “Configuring FSAE on FortiGate units” on page 14.

Configuring FSAE on Windows AD

On the FortiGate unit, firewall policies control access to network resources based on user groups. Each FortiGate user group is associated with one or more Windows AD user groups.

 

Fortinet Server Authentication Extension Version 1.5 Technical Note

8

01-30005-0373-20071001

Page 7 Page 9
Page 8
Image 8
Fortinet FSAE manual Configuring Fsae on Windows AD, Fortinet Server Authentication Extension Install DC Agent
Page 7 Page 9