Description This article describes how to use logging in VoIP profiles
to monitor traffic and/or troubleshoot VoIP SIP/SCCP related issues.
Scope FortiOS. Solution FortiOS does provide solid logging capabilities.
That logging needs to be set on respe...
DescriptionThis article describes how to run FSSO in dual (or multi) NIC
environment.Quite often we see issues in FSSO caused by simultaneous use
of wired and Wi-Fi connections, especially with docking stations and
notebooks. Not that often in dual-N...
Description This article describes how FortiToken Push feature works
with FortiAuthenticator and Apple/Android based devices, the
configuration requirements and the workflow on FortiAuthenticator when a
user authenticates.Useful links:FortiAuthentica...
Description This article describes how to modify the LDAP Nested group
settings. In order to authenticate user via LDAP while the user is not a
direct member of the group, but member of nested group, set FortiGate in
the way it will be able to check ...
Description This article gives the list of valid RADIUS VSA Dictionary
(vendor-specific attributes) of Fortinet devices. Refer to the Related
Articles for FortiGate Radius VSA Dictionary (vendor-specific
attributes). Scope # -*- text
-*-#############...
Whenever there is any dynamic interface like VPN tunnel one (usually
routing with just private IPs), I'm trying to set blackhole routes to
prevent private traffic leaking out through default route. That's
especially important for chatty applications ...
Hi pinaldeni, "supports unencrypted PAP" is not completely true.
User-Password at least IS (AFAIK) 'encrypted' lightly with pre-shared
secret between RADIUS server and NAS (RADIUS client - FortiPortal in
this case).
Hint: you might ask via Technical ticket , however note that date is
just estimated/expected release date as Fortinet does not have fix
release dates and so there might be delay in release caused by extended
Q&A test, or new issues found during test,...
I just heard some rumors on Great Chinese FireWall, so I would even
doubt it would be doable to have reasonably reliable and stable single
"domain" setup. And as you mentioned you do not even want to have those
overseas interconnected to china site, ...
Hello sroman1, it depends on what do you expect from DR to do and how
complex it supposed to be. I would expect fully transparent fallbacks
without any noticeable impact for end users. Most of the authentications
you mentioned are client-server state...