Guest profile access may be granted to users failing NTLM authentication, such as
visitors who have no user credentials on the network. To allow guest users in NTLM, use
the following CLI command: If there are multiple domains, a trust relation must exist between them. This is automatic if they are in a forest. With the trust relation, only one FSSO DC agent needs to be installed. Without the trust relation, FSSO DC agents must be installed on each domain controller.Authentication in security policies Configuring authenticated accessUser Authentication for FortiOS 4.0 MR3
config firewall policy
edit 8
set action accept
set identity-based enable
set ntlm enable
set ntlm-guest enable
next
end
Leave a Reply