DescriptionFSSO collector agent by default tries to detect workstation
IP address changes by resolving the workstation host names via DNS. The
interval in which the IP address verification occurs is configured by
the 'IP address change verify interva...
DescriptionWhen configuring FSSO, administrators have the ability to
specify which user groups will be monitored by FSSO. The Group Filter
can be defined either locally on FortiGate or directly on FSSO Collector
Agent. While in general the group filt...
DescriptionSince the release of FortiOS 6.2, the FortiOS proxy daemon
(WAD) will strip domain names from usernames when domain is specified
with backslash (DOMAIN\username). This behavior allows matching of
locally defined users before contacting rem...
Description This article describes how to configure SSL VPN OS check for
Windows 10 clients with specific Windows build number. Scope FortiGate
v6.2 and above. Solution # config vpn ssl web portal edit
set os-check enable set skip-check-for-unsuppor...
DescriptionThis article describes how to move FortiToken Mobile between
VDOMs.Solution1) Ensure the FortiToken mobile to move is not assigned to
any user.2) Note down the Serial Number of the FortiToken to move to
different VDOM. 3 )Delete the token ...
If it starts we get 4000 packets in about 5 seconds. A few Megabits per
second of legitimate traffic should be of no concern. but as said above
its no Fortigate issue. Well, if your Fortigate runs out of memory, it
is very much a Fortigate issue. Sin...
It does not seem like a Fortigate issue. The password change request was
rejected by your domain controller due to insufficient permissions.
2022-09-21 13:45:28  fnbamd_ldap_parse_response-Error 50(00000005:
SecErr: DSID-031A11ED, problem 4003 ...
Hi Remo, The idea of public forum is to share issues and their solutions
with others. This way, more people can benefit. You can mask/replace
sensitive details such as domain name and post it here. If you are not
comfortable with it, please create a ...
If you see a high session setup rate from just a single IP address, you
can quickly create a firewall policy for that specific source IP address
and set the policy action to Deny. That alone should prevent session
creation and therefore prevent memor...