Solved

Hi, just a short question: We use the FortiClient SSLVPN (the small Client, only SSLVPN!) for Client to Site VPN. If we have to perform an Update of this client, we need to configure the whole stored Sessions manually after that, because the " old" Client were complete uninstalled. Is there any possibility to backup the sessions and restore this after an update of the Client? It`s a list of round about 12 Sessions with different settings, because these are different customers environments...

We are going to be sharing an office with another company. We are going to have two internet connections that we would like to share with each other. Both connections have 5 static IP addresses. We will use three or four of these on each connection and the other company will use the other one or two addresses on each connection. For simplicity sake lets assume only one connection for now as I should be able to make this work on the other connection once I get it figured out on the first one. I have read through the VDOM guide and unfortunately there are no real good examples using a situation like mine. The way I would like to set this up is with a management VDOM and then a VDOM for each company. Both companies require Virtual IPs setup for some external services. I think I will need to use a Vlink connection between the management vdom and our two companies. I am not sure how to translate the external ip addresses using Virtual IP into the correct VDOMs. If anyone coul

Hi all, As I am relatively new to the subject, please ignore the simplicity of the question: We have a fortigate 110C with 4.0 MR1 Patch7. Recently we installed the FSAE package on our MS-domain controllers to be able to alllow/block access based on AD-users or AD-groups (that is at least what I understand what should be able). Now, if I configure a policy with the Identy Based Policy option activated, I can add a previously AD-group defined to have access to a certain service, for example HTTP/HTTPS. However, all other users not belonging to the selected group are blocked to the HTTP/HTTPS service, while my expectation would be a fall through to the next policy, which would give me the same way of working with IP-based policies. The group used in the Identity Based Policy option is a Directory Service group created through the User, User Group options that includes a group from the AD-server Thanks in advance.

After reading several of the forum post on both Fortinet and Microsoft, I still am not able to get RADIUS authentication from an FLG100B (analyzer) and MS Windows Server 2008 SP2 (not R2). I think I am missing the required fields necessary to validate the admin authentication. *Each device and ping one another *Firewall on the server is disabled *NPS is working for VPN and Dialup access *RADIUS key is eight characters long (attempted with and without special characters) * The default " Use Windows authentication for all users" is present and valid *Referenced http://docs.fortinet.com/fgt/handbook/fortigate-authentication-40-mr2.pdf

I' ve recently modified a route and also deleted a route. Neither change shows in the acting routing table. It still shows what was previous to the changes. Any ideas? FG10CH3G09620149 (root) # sh router static config router static edit 1 set device " port1" set dst 10.98.169.192 255.255.255.192 set gateway 10.98.130.250 set weight 50 next end FG10CH3G09620149 (root) # get router info routing-table static S* 0.0.0.0/0 [10/0] via 172.16.155.33, wan2 S 10.98.139.192/26 [10/0] via 10.98.130.250, port1, [0/50]

Hi All, I' ve set a PPPoE password in FortiGate. Now, when I backup configuration to my local pc, the password had been hash or encrypt into " O+5MYduEK/YD0mpLG3TLu0EqzqaP2h9oByvk8qoRLs4oHzkIdIggVhOClI8T0wRTDbm8V4" If I forgot the original password of PPPoE, can I get the original password from backup configuration ??? thx !!

hi, I have in url filter www.facebook.com block and the url filter is enabled on protection profile, and yet so well is connected to facebook buscar

Hello there, I want to know how i can delete all sessions opened from a particular client IP address, instead of delete single sessions by clicking delete icon on Session Details. Imagine if a client had hundreds of sessions opened. There should be way from CLI. Thanks in Advance. FostiOS v4.0.0,build0092

I' ve got a Fortimail 100 on evaluation for the next week, have it running in gateway mode behind a firewall (Fortigate 300A) and is scanning externally send incoming email no problems on Exchange 2003. The problem I have is that it isnt scanning internally sent outbound mail, the admin guide says configure the email client' s outgoing smtp server to be the Fortimail but I can' t see how Exchange lets you do this. Any replies would be greatly appreciated. Cheers Dan

Is there a way to set up PEAP authentication against Windows AD? For example, the goal we are trying to achieve is for a user who is in wifi range to be automatically connected to the wifi network using WPA encryption and Windows domain credentials. In other solutions the AP talks to the Windows IAS server, which is set up to allow access based on Windows domain groups. Is anything like this possible using the wifi 60a?