I have split tunnel and split DNS set up. When I VPN in I can see that
my DNS servers are set to what is defined in the split tunnel
configuration. However, when I try to do a DNS lookup the response shows
me the DNS server from the split tunnel but ...
I am running FortiGate in AWS. I have users who will be using SSL VPN
(no natting). I have many hosts I need to reach over SSL-VPN in AWS that
are accessed via a TransitGateway. The TransitGateway has the route of
10.0.0.0/8. However, when I am tryin...
On the FortiGate under SSL-VPN Settings you need to specify an Address
Range. But you also need to do the same thing under SSL-VPN Portals
Source IP Pools. Presumably if you have multiple portals each one would
have their own IP pool. So why are you ...
I am testing out client-based SSL-VPN using SAML auth. When I debug SAML
on the FortiGate I see that the group that comes back from SAML is correct
but I am getting added to the wrong portal. I have users group
configured as per
https://docs.fortinet.com...
We have decided to do a phased rollout of FortiClient VPN for our users.
The first phase (which we are in) is to let everyone do SSL VPN just
like they were doing on our old Cisco VPN. I have that working; however,
we found that one of our domain name...
What I have is an AWS Organization which is composed of many accounts in
AWS connected together. Sadly, if you open a ticket with AWS support
they are only able to look at the account the ticket was opened in. My
original ticket was opened in the acc...
AWS did come back and give me an answer. What I have is an AWS
Organization which is composed of many accounts in AWS connected
together. Sadly, if you open a ticket with AWS support they are only
able to look at the account the ticket was opened in....
As you suggested, I did open a second case in the account where the
FortiGate is with AWS linking it back to my other case where the transit
gateway is. I am going to force their hand.
The FortiGate is in one AWS account and the DNS server is in another
account. So no. They need to reach each other via AWS TransitGateway.
There is a rule on the Transit Gateway attachment point the direction to
the VPN Client IP range.