Troubleshooting Tip: FSSO Complete troubleshooting...

jdelafuente_FTNT · 10-28-2024

Description This article describes how to configure subnet to subnet NAT. Scope FortiGate, SNAT Solution Original source network: 10.20.30.0/24 Translated SNAT network: 172.16.25.0/24 Network original and NAT must have the same netmask in this case /...

jdelafuente_FTNT · 10-21-2024

Description This article describes how to configure a local-in policy to restrict SSH admin access from a specific country using non-common ports. Scope FortiOS, FortiGate. Solution Configuration example: SSH port: 2246 Country Allowed: Mexico Config...

jdelafuente_FTNT · 10-13-2024

Description This article describes the behavior in the GUI-related DDNS configuration Menu. Scope FortiGate. Solution FortiOS provides the ability to configure FortiGuard's own DDNS services. The menu should be configurable underNetwork -> DNS -> For...

jdelafuente_FTNT · 10-04-2024

Description This article describes how to configure the ignore user list directly in FortiAuthenticator for FSSO/SSO method. Scope FortiAuthenticator, FSSO, ignore user list, exempt user in FSSO. Solution One best practice in FSSO is to set up an ign...

jdelafuente_FTNT · 10-03-2024

Description This article describes how to find out which policy IDs are being used for troubleshooting purposes. Scope FortiGate. Solution In FortiOS GUI, access to Dashboard -> Fortiview Sessions. Place the mouse over the title of the first column, ...

jdelafuente_FTNT · 11-06-2024

Did you solve the issue?

jdelafuente_FTNT · 10-28-2024

- Have you tried it yet?- Have you seen the response from user @randada1in that video?

jdelafuente_FTNT · 10-26-2024

You got it! Use wan2 with L3 configuration as admin interface, you can connect it into your customer LAN. Best regards

jdelafuente_FTNT · 10-26-2024

Here is the problem you have duplicated IP issue, remember it's an extended LAN same broadcast domain, you can't have same IP in FGT-A and FGT-B try this: -> Remove interface IP in FortiGate-B, keep in FortiGate-A and try again. Keep in mind. You don...

jdelafuente_FTNT · 10-25-2024

No, you need at least one IP for internet connection for updates, Maybe if you use 3rd port connected to LAN and receive internet from NGFW.Also, in your architecture you lost visibility of internal network traffic, you only see traffic from your WAN...

User Statistics

User Activity

Troubleshooting Tip: SNAT Subnet-to-Subnet with IP Pool Fixed Port

Technical Tip: How to restrict SSH admin access from a specific country using non-common port

Technical Tip: DDNS Menu not available in GUI

Technical Tip: How to set ignore user list in Fortiauthenticator for SSO

Technical Tip: How to know wich policy ID is used in FortiGate session table

Re: Issue with Cross-VLAN Communication over VXLAN/IPSEC between Two Sites

Re: Issue with Cross-VLAN Communication over VXLAN/IPSEC between Two Sites

Re: FG-60E in transparent mode

Re: Issue with Cross-VLAN Communication over VXLAN/IPSEC between Two Sites

Re: FG-60E in transparent mode

Troubleshooting Tip: FSSO Complete troubleshooting...

Troubleshooting Tip: VPN SSL connected but no IP a...

Technical Tip: FSSO choose between DC Agent mode o...

Troubleshooting Tip: HA troubleshooting informatio...

Troubleshooting Tip: How to read FSSO CA debug log...

Re: FG-60E in transparent mode

KCS