Hello guys! Got a bit confused with FG's auth process for remote ssl-vpn
users. For now we have a simple LDAP/AD (w/o agent) based authentication
for remote users and ACL based on AD group names, everything just works
and works fine. Now I got the ca...
Hello colleagues! Got confused with a simple case with IPsec on the
first view. The situation:We have a 3rd party partner who is not smart
enough unfortunately. We have to establish an IPsec tunnel via 2
different link , but with policy base only(don...
Hello colleagues! I am a bit got lost within mp-bgp and vrfs on
fortigates, let me explain in a nutshell.Let's imagine the schema when
we have a "core" multi role switch and several appliances connected as a
star topology (or like a leafe spine , but...
Mate, one more question: is it "normal" logic by design that the FG
works with MS_NPS expecting the whole list of VSA group attributes? Also
from the
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuring-FortiGate-and-Microsoft-NPS-Ra...
sorry, one more question: in the case with Radius\NPS + Azure MFA will
we need to configure the client's side (like with SAML) or the 2FA field
will pop up automatically ?
guys, it's still unclear should I select the option "any" in the
creating group menu and exact group names will be delivered as a AVP
value or create all AD groups with "specify" option ?
yes, FG does request for all possible available servers and methods ,
that is behaviour that I can't understand why they implement this, why
without priorities and steps ? There are a lot of cases where people got
confused. Could you explain how FG g...