I have configured one of my internet connection to use push
notification. I have created the rule via Cli: config system ftm-push
set server-ip X.Y.Z.66 set status enableend I enabled FTM in the
interface.Every time I try to connect no push message a...
This is the problem. Site A (10.0.0.0/24) ------ VPN IP SEC -----> Site
B (192.168.0.0/24) ----- VPN IP SEC -----> Site C (192.168.10.0/24) Can
Site A reach Site C via Site B without direct StS connection? I was able
to do it with the clients, my VPN...
We have a VPN IPsec setted by wizard to use by forticlient.It seems that
split-tunnel is disabled. If I connect and then go to internet I
navigate by company ISP (tested by whatismyip). The VPN works like a
charm but we cannot make call by MS Teams. ...
This is the log: STARTTLS=server, relay=[192.168.X.YYY],
version=TLSv1.2, verify=CAFAIL, cipher=ECDHE-RSA-AES128-SHA256,
bits=128/128 STARTTLS=server, cert-subject=/CN=EXC02,
cert-issuer=/CN=EXC02, verifymsg=unable to get local issuer certificate
fro...
After 5 years one of my fortitoken is dead.I have changed the battery
but now the FT does a bootstrap like and then ends with 60 33 code every
time I push the botton.Does anyone know if I can change the battery on
FT or if I have to dismiss it and bu...
On which tunnel do I need the quad 0s?From A to B or from B to C?? My
CtS -> StS rules works if I use Nat with static IP of the B network.
Regards,Graziano.
Kevin,there's a bug in recent version of Forticlient for W10, using
MacOS the issue disappear.You can workaround the issue using FC version
6.0.0.0067.I've tested today with success and I'm doing a massive
downgrade. Regards,Graziano.
Ok, in datasheet I found "battery life 3-5 years"... but not "after 3-5
years it becomes garbage..." or "you cannot change the battery"... This
gadget are expensive... not a gift... Regards,Graziano.
What you can do is to prevent Fortigate to touch HTTPS at all. You can
remove https from: config user setting set auth-type http https ftp
telnet end ... but this will affect whole VDOM.This solution satisfies
me because I have no other user auth in ...
