Hi everyone, I need to use an IPSEC VPN connection for automatic dial-in
using (machine) certificates. This used to work in EMS 1.0.5 using an
XML configuration that disables xauth.However the xml parser in EMS 1.2
seems to always add1 and
I tried to...
Hi there I am trying to achieve the following: - on internal interface
there are 2 PCs - a laptop connected via wireless. One of the PCs
publishes a UDP multicast stream to 224.10.10.10:1234 the second PC can
subscribe to the stream without issues (o...
Hi there is there any solution to the following scenario - the fortigate
60c/d internal interface transmits any multicast traffic on the local
lan interfaces to every interface. A simple switch with igmp snooping
can prevent multicast being sent to n...
Hi there just upgraded to 5.0.7. Dynamic objects now went into the
object edit pane. Nice one! But it seems I cannot add any dynamic
subnets in addresses. the OK button just does nothing and the change is
not applied. I could track that down to the "...
Hi there is anybody actually using the central VPN console mode in
fortimanager? I am trying to convert VPN Configurations and have all
sorts of trouble, e.g. creating a phase 2 to an external (non managed)
Hub that needs a src-subnet and dst-subnet....
If I remember correctly the supported second factor for SSL VPN is
certificate based only. So trust your personal CA and deliver
certificates to the users.
Hello, aggregate or redundant interfaces are only supported on devices
starting from 100(D).You could use STP and just connect the two cables
to two hardware switch ports though.
By the way in my lab the follwing is not workinga) use a VIP with a
defined WAN Interface -> the SD WAN Router should then consider the VIP
and automatically also consider the linked Interface. Would be nice but
doesn't happen. IP Translation will st...
Yes, this is what I really don't like about SD-WAN. The rules seem to be
just a retarded Version of the policy Routing engine. However, they even
kick in if they shouldn't even be considered. So - Workaround - create
policy rules with your internal N...
I would say you should consider also the 100D- OK, older (D) generation-
D is a little cheaper than E- rock solid device running at many many
customer sites- OS 5.2 support if pure stability is a key factor Of
course you can go for the latest generat...
