Hi FWB adminsIn FortiWeb standard A-A HA I can see session pickup (in
CLI), but not in high volume A-A HA, while I think this feature must be
available here since HV A-A HA should keep the sessions on fail-over, as
this is basic HA feature when the s...
Hi FWB admins In FortiWeb, when using SAML authentication to access a
protected server, can FWB protect against Credential Stuffing?I think
something in the admin guide says it does when using site publish, but
it is not 100% clear if it
does.https:/...
Hi Fortinet teamIs it planed to add credential stuffing defense to
FortiAuthenticator?I see it is already in FWB and FAD, but I think it
should be definitely a natural feature in FortiAuthenticator.
Hi ZTNA adminsRegarding EMS georedundancy HA deployment, on each site
there is one EMS, one edge FGT, and each has its public IP. The clients
are registered with ztna.domain.com pointing to the first site's public
IP.My question is, what is the best ...
Looks like a DNS issue.Are your DNS queries sent through the tunnel once
it is up?Are they served correctly?Is the telemetry server's FQDN
resolved with a different address (e.g.: the private IP) once
connected?Try fix these and redo the test.
Hi FNACIn normal working, the DPI profile sets the certificate CN to the
requested FQDN.Did you configure an authentication portal in your FGT?
If so then disable it and redo the test.Can you rebuild a DPI profile
from scratch, use it in your firewal...
HiThe shared tech tip is a good approach.However using sd-wan is
definitely the most flexible, effective and modern approach so
far.https://community.fortinet.com/t5/Support-Forum/How-to-Configure-Redundant-IPsec-Tunnels-over-SD-WAN-Links/m-p/390129
