Re: Disadvantage of using a internal CA issued cer...

sw2090 · 10-25-2024

Following constellation: FortiGate with FOS 7.2.10FortiClient 7.2.5 on windows. IPsec tunnel witb psk and xauth against ldap usergroup on Authenticator and mode config. Behavior:- Tunnel connects- does psk auth and proposals- does mode config - gets ...

sw2090 · 10-01-2024

This recently has happened to us with our own Website and all our FGT. When one tries to access our website all one gets in Chrome is a QUIC Protocoll error.Looking at Chrome's netlog on a client affected I saw that it tried to use Cloudflare's ECH P...

sw2090 · 09-25-2024

We are planning to upgrade a bunch of FGT100F to 7.2.10 very soon. The official upgrade path states that this can be done in one single step. Did anyone already do that and did you experience any problems afterwards?Or was that just related to FOS <=...

sw2090 · 03-21-2024

I just ran into this: We have a Windows DHCP that has a scope for a vlan.the vlan interface on the FGT100E is set to do dhcp relaying to this Windows DHCP.the Windows DHCP also has dhcp option 138 set for all scopes it has.If I now connect a client t...

sw2090 · 02-16-2024

I did the following: - upgraded FMG to 7.0.11 while the FGT still were on 7.0.13 => everything still worked fine afterwards- upgraded the FGT to 7.0.14 during the next night (scheduled) => since then FGT keep losing the connection to FMG when I deplo...

sw2090 · 10-09-2024

You have to have access to the support portal (support.fortinet.com). Access to the Firmware Downloads requires at least one registered device with a valid FortiCare License.

sw2090 · 10-01-2024

annother solution would be to use sdwan. Add both WAN to the default Zone and maybe create an sdwan rule to maintain which wan to use when - or use the implicite loadbalancing rule.Attach some health check probably.Then use the sdwan interface instea...

sw2090 · 10-01-2024

did you make sure your policy is in front of the other internet ones? Policies match top-down and first match first server. So if your other internet policy is in front it matches first and your policy will never be hit.

sw2090 · 10-01-2024

I didn't even know a 100D can do 10G at all.Where do you click "migrate to interface"?

sw2090 · 09-26-2024

yes exactly. If one policy has no specific installation target (column install to in Policy view) it will be deployed to all FGT in that adom (or to all if it is global). So FMG wants a mapping of normalized interfaces for all FGT (either per device ...

User Statistics

User Activity

strange behavior on ipsec vpn

Sites that use Cloudflare DNS Proxy with ECH will not open behind a FortiGate

Upgrading FGT to 7.2.10 - your experience?

strange behaviour of dhcp relay

FortiManager deployment problems after FGT Upgrade to 7.0.14

Re: Forti Manager Firmware download

Re: Need assistance - dual WAN

Re: Access to Dropbox

Re: Migrate 1 gig physical LAN interface with vlans to X1 10G interface

Re: FortiManager 7.4: Interface Mapping Issue During Policy Installation

Re: Disadvantage of using a internal CA issued cer...

Re: fortigate register & management from a Fortima...

Re: Two Ipsec Tunnels for Fortigate

Re: Power LED only

Re: fortigate 1200d dont boot

Re: Buy Amazon Firewall

Re: Buy Amazon Firewall

Re: Buy Amazon Firewall

Re: Buy Amazon Firewall

Re: SD wan and failovers

Super User