DescriptionFSSO collector agent by default tries to detect workstation
IP address changes by resolving the workstation host names via DNS. The
interval in which the IP address verification occurs is configured by
the 'IP address change verify interva...
DescriptionWhen configuring FSSO, administrators have the ability to
specify which user groups will be monitored by FSSO. The Group Filter
can be defined either locally on FortiGate or directly on FSSO Collector
Agent. While in general the group filt...
DescriptionSince the release of FortiOS 6.2, the FortiOS proxy daemon
(WAD) will strip domain names from usernames when domain is specified
with backslash (DOMAIN\username). This behavior allows matching of
locally defined users before contacting rem...
Description This article describes how to configure SSL VPN OS check for
Windows 10 clients with specific Windows build number. Scope FortiGate
v6.2 and above. Solution # config vpn ssl web portal edit
set os-check enable set skip-check-for-unsuppor...
Description This article describes how to move FortiToken Mobile between
VDOMs.Solution 1) Ensure the FortiToken mobile to move is not assigned
to any user.2) Note down the Serial Number of the FortiToken to move to
a different VDOM. 3) Delete the to...
Hi @albertocobo , I do not see any reason/benefit to keeping interfaces
shutdown permanently. You can however enable a temporary interface
shutdown after a Fortigate failover occurs in order to force-clear MAC
address tables on adjacent switches . co...
I have two websites hosted internally on 192.168.1.10 through IIS as
follows https://website1.com = 192.168.1.10 https://website2.com =
192.168.1.10 Since both websites are hosted on the same real server,
there is no need for load balancer on your Fo...
They both have 3 radios (2.4Ghz, 5Ghz, scanning). Major difference is
that 831F supports 8x8 MU-MIMO and is therefore equipped with 5Gb
Ethernet port. If you think you the theoretical 2.5Gbps per AP is not
sufficient for your use case, then 831-F is ...
If you are managing many Mobile FortiTokens, you might want to consider
switching to FortiAuthenticator where token self-provisioning is
You can't access the captive portal manually. You'll need to be
redirected there by the Fortigate. Just access http://example.com . If
you are using the HTTPS version on port 1003, ensure the client OS can
verify the validity of all intermediate cert...
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.