Hello friends; A customer has a remote worker whose FortiClient
(v7.0.2.0090) SSL-VPN connects & authenticates successfully every time
with the office FortiGate 60E, and though the FortClient dialog box
shows the proper 192.168.20.2 address from the ...
TL;DR - how can I tell the *actual* IPv6 prefix delegated from the
upstream? A customer's 60E is running FortiOS 7, the prefix-hint asks
for a /60 from the WAN1 upstream, but it doesn't seem to be getting that
prefix, but I can't find any place where...
While tracking down some IPv6 issues, I have been unable to find the
meaning of the "flags" field in output from the diagnose ipv6 address
list command. All three of my VLANs worked fine on IPv6, but this
morning one of them wasn't. Huh? Policy ws ri...
I only barely remember, but I went back through my emails and it appears
to have been Windows 11, and my notes suggest that uninstalling the
troublesome Windows Update didn't make any difference.And for unrelated
reasons, the customer replaced the la...
Late to this game, but I ran into this tonight.When Fortinet sends the
email with the activation code, it sends it from the user who is also
the recipient, and there are plenty of email systems - including mine
and that of my customer - who reject em...
My customer who has the questionable configuration won't be back until
next week, but I'd be disappointed if FortiGate reported the *actual*
prefix as a "hint", which is what I think you're suggesting. We'll find
out in a day or two.
jfernandz wrote:So what could explain that apparently I'm not able to
reach any host in VLAN 10 from VLAN 20 if NAT is not enabled? On VLAN20,
are all the hosts using interface "internal1" using 172.20.1.1 as their
default gateway? If NAT is enabled ...
[strike]I'm not familiar with the ADC, but using both a Virtual IP
(which does NAT) *and* an IPv4 policy that enables NAT, would do
something like that. Inbound policies should almost never use NAT when
they're hitting a Virtual IP.[/strike] Oh, this...
