Description This article describes how nested groups can be used in a
Fortinet Single-Sign-On context. Scope FortiGate, Collector Agent
Solution Nested groups, in an Active Directory environment, refer to a
group which is in turn a member of another ...
Description This article explains two portals that FortiAuthenticator
offers, captive portal and self-service portal, their purpose, and
differences. Scope FortiAuthenticator. Solution FortiAuthenticator can
provide a number of portal services, inclu...
Description This article explains common timeout issues with FortiGate
and external captive portal configuration. Scope FortiGate. Solution
FortiGate offers Captive Portal authentication in the context of WiFi or
interface authentication. It also all...
Description This article explains how to downgrade a FortiAuthenticator
to a previous version for recovery purposes. Scope FortiAuthenticator
Solution FortiAuthenticator upgrades may sometimes need to be reverted.
In this case, a downgrade becomes ne...
Description This article expands upon the FortiGate cookbook here:
https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/15908/transparent-proxy
It illustrates in greater detail how to configure a transparent,
session-based proxy with web cooki...
Dear AliE, I have checked through reported issues, and found one
instance of this behavior mentioned. In that case, they were able to
recover by formatting and installing 6.0.7, and then going from there.
There are some significant changes 6.0.7 intr...
Dear Matie, your setup looks ok as far as I can see - you have a policy
in place from private to internet with the appropriate interfaces, and
you have routing in place. The policy also applies NAT, so this is not a
case of private IPs going out and ...
That is a good idea! We have a KB on how to restore a FAZ config on a
different model (like moving to a different hardware mode):
https://community.fortinet.com/t5/FortiAnalyzer/Technical-Tip-Using-exec-migrate-to-migrate-to-a-new/ta-p/193414
Hey yeowkm99, in principle you can export reports and import into a
different FortiAnalyzer, but you might run into issues if they are in
different firmware versions. Some of the underlying syntax might have
changed between different FortiAnalyzer fi...
Hey druber, as Ede mentioned, the group ID determines the virtual MAC
addresses associated with the cluster (the MAC addresses the primary
unit will use for its interfaces instead of the actual physical MAC
addresses). If you have more than one Forti...
