Description This article describes how to resolve the error 'Included
profile file could not be read' when trying to join FortiNAC to a domain
under Network -> RADIUS -> 'Winbind' Tab. Scope FortiNAC. Solution
FortiNAC can sometimes, when trying to j...
Description This article provides a basic understanding of certificates
and some basic troubleshooting steps for a wide variety of certificate
issues. Scope FortiOS. Solution FortiGate uses certificates in various
different ways, and will need to int...
Description This article describes what CLI settings are necessary to
allow FortiGate to submit SSLVPN credentials automatically in an SSLVPN
bookmark. Scope FortiOS. Solution SSL VPN web mode allows the creation
of bookmarks. The bookmarks can point...
Description This article describes how to increase the number of virtual
interfaces of a FortiAuthenticator-VM. Scope FortiAuthenticator-VM
Solution FortiAuthenticator-VMs can scale as desired, which can come
with a need for additional interfaces. It...
Description This article describes how to set custom user fields in
FortiAuthenticator, and how to include it in LDAP service responses.
Scope FortiAuthenticator 6.5 and higher. Solution FortiAuthenticator
allows the creation of up to three custom us...
Hey rezafathi, you have multiple options:- you can add all 10 vlans to a
zone (but then you can only use the zone interface for policies) - you
can create 10 policies, one for each VLAN - you can enable 'Multiple
Interface Policy' under System > Feat...
Hey jcegar, you might have to do a failover on the cluster so the other
node is in charge for a bit and can connect to FortiCloud itself;
FortiCloud can sometimes have issues with seeing cluster nodes properly
if the cluster was formed before the dev...
Hey Laurent, that's strange, that FortiAuthenticator allows agent and
push on one interface, but not the other. Just to be sure: - you have
enabled the same admin and service access on both interfaces for API?
You might need to allow HTTPS admin acce...
To expand a bit on funkylicious: - the configuration backup is
essentially just a CLI configuration dump - you can copy/paste large
parts without any issue (if you're on roughly the same firmware
release), as much of the configuration is device-agnos...
Hey squid-c, this is maybe a stupid question, but: - you have policies
from SSLVPN to spoke1 IPSec, and spoke2 IPSec, correct? - those policies
have NAT enabled? -> the interfaces "spoke1" and "spoke2" are IPSec
tunnel interfaces, I assume? -> do the...