Hi I would like to configure Fortigate for always-up VPN connectivity
like Direct Access with the VPN being initiated before the user has
logged on to the laptop. Either secured by a valid certificate issued
individually to each machine from our inte...
Hi everybody PBR on my Fortgate is not working as expected but rather
kind of odd. I have FGT300D running firmware 5.2.11. It's an
outer/perimeter FW installation, one Internet breakout, couple of
interface based IPSec VPN terminated. Routing is stat...
Hi Hope somebody could review this scenario and come up with some hints.
I have Fortigate 300D as a typical perimeter firewall. On external
interface (WAN) I have larger public IP subnet of size /26. WAN
interface terminates several IPSec site2site t...
Hi Tnx for quick answer, @Fullmoon! I've seen that video, but the focus
there is mostly on how do you configure xml profile, not is it possible
to use machine certificate instead of AD username/password. I am also
wondering does this need additional ...
Hi Baptiste Thank you for your reply :) Not sure I understood what you
meant with NetScaler sending packets to itself and how that could help
firewall to do its job? Please could you explain it a bit more? Here are
my PBR policies: config router poli...
Hi I cannot read from your post what was scanned by your scanner? Was it
firewall's management GUI (on HTTP/HTTPS) or some web service that is
behind the firewall? Z.
Hi Toshi, I did the change and everything went smooth and as planned :)
Thanks for tips! The only thing I needed to fix was VPN tunnels. I had
to specify "local-gw ip" in each ipsec phase1 profile which was
necessary to make ipsec traffic source from...
