We recently upgraded 4 Fortigates to 6.2.7 from 6.2.5 (following the
recommended path: first 6.2.6, then 6.2.7). They are 2 x 1500D and 2 x
140E-POE. After the upgrade we noticed that every entry in the Internet
Service Database had a "0" in the "num...
I have EMS 6.2.2 running and I've created an on-net and off-net profile,
which are virtually identical.The profiles have VPN, Web Filter and
Application Firewall enabled, but nothing else. I then created a 6.2.1
installer from the "Manage Installers"...
I have this set for 300 seconds/5 minutes, but it never seems to fire
and time me out. I remain connected - even when I'm away/overnight - and
am only disconnected after the authentication timeout expires (which is
set for 24 hours.) I'm assuming tha...
Kind of a strange question:I have two RADIUS servers, and two different
user groups defined - one per RADIUS server. I'm wondering if there's a
way to prioritize authenticating against one RADIUS server over the
other. So, we have a user connect via ...
I may be missing something, but it seems like the only way to direct
users to certain SSL-VPN portals is via the Authentication/Portal
Mapping section in the SSL-VPN Settings. That entails creating a user
group on the Fortigate, then mapping that gro...
I don't think the latest version of Forticlient (6.2.2) works with the
latest Mac OS (Catalina).We are planning on deploying the 6.2.1
Forticlient because of this.I'll try to dig up where I saw that, if you
Hi Ken: We are using Microsoft's Multi-Factor Authentication server
running on Windows 2012 r2.That provides the MFA feature (along with the
'authenticator' app phones).Those servers relay the authentication
requests to a Microsoft NPS server (Win2k1...
Good idea, I guess i could use a load balancer, but I would hate to add
yet another device to the authentication process. I do already have
2xMFA servers that relay authentication to 2xNPS servers. My thinking is
if there is something wrong with the ...
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.