We recently upgraded 4 Fortigates to 6.2.7 from 6.2.5 (following the
recommended path: first 6.2.6, then 6.2.7). They are 2 x 1500D and 2 x
140E-POE. After the upgrade we noticed that every entry in the Internet
Service Database had a "0" in the "num...
I have EMS 6.2.2 running and I've created an on-net and off-net profile,
which are virtually identical.The profiles have VPN, Web Filter and
Application Firewall enabled, but nothing else. I then created a 6.2.1
installer from the "Manage Installers"...
I have this set for 300 seconds/5 minutes, but it never seems to fire
and time me out. I remain connected - even when I'm away/overnight - and
am only disconnected after the authentication timeout expires (which is
set for 24 hours.) I'm assuming tha...
Kind of a strange question:I have two RADIUS servers, and two different
user groups defined - one per RADIUS server. I'm wondering if there's a
way to prioritize authenticating against one RADIUS server over the
other. So, we have a user connect via ...
I may be missing something, but it seems like the only way to direct
users to certain SSL-VPN portals is via the Authentication/Portal
Mapping section in the SSL-VPN Settings. That entails creating a user
group on the Fortigate, then mapping that gro...
I don't think the latest version of Forticlient (6.2.2) works with the
latest Mac OS (Catalina).We are planning on deploying the 6.2.1
Forticlient because of this.I'll try to dig up where I saw that, if you
haven't already.
I think this is what I used to get mine working. I may be able to pull
some screenshots from my environment later today.
https://travelingpacket.c...-group-authentication/
Hi Ken: We are using Microsoft's Multi-Factor Authentication server
running on Windows 2012 r2.That provides the MFA feature (along with the
'authenticator' app phones).Those servers relay the authentication
requests to a Microsoft NPS server (Win2k1...
Good idea, I guess i could use a load balancer, but I would hate to add
yet another device to the authentication process. I do already have
2xMFA servers that relay authentication to 2xNPS servers. My thinking is
if there is something wrong with the ...
