Description This article explains the RADIUS server reachability status
cache which was introduced in FortiOS 7.4.0. Scope FortiOS 7.4. Solution
When configuring a secondary or tertiary RADIUS server, all FortiOS
versions before version 7.4 would alw...
Description This article describes that the FSSO collector agent by
default tries to detect workstation IP address changes by resolving the
workstation host names via DNS. The interval in which the IP address
verification occurs is configured by the ...
Description This article describes how to correctly configure Group
Filter on Collector Agent. When configuring FSSO, administrators have
the ability to specify which user groups will be monitored by FSSO. The
Group Filter can be defined either local...
DescriptionSince the release of FortiOS 6.2, the FortiOS proxy daemon
(WAD) will strip domain names from usernames when domain is specified
with backslash (DOMAIN\username). This behavior allows matching of
locally defined users before contacting rem...
Description This article describes how to configure SSL VPN OS check for
Windows 10 clients with specific Windows build number. Scope FortiGate
v6.2 and above. Solution config vpn ssl web portal edit
set os-check enable set skip-check-for-unsupporte...
Hi Marcus, this may be a bit too complex to solve with just the provided
info. But I can give you a few hints, that I think you will find
helpful: The issue I see is with `current-bandwidth=0(kbps)` . This
indicates that there is no traffic matching ...
Yes, this is indeed a problem if both the agents are monitoring the same
domain. Every time the same user is discovered via different fabric
connector, all existing IP sessions from the source IP address are
cleared from Fortigate. You should complet...
If you have SDWAN already implemented, you will simply need to create a
new SDWAN rule and specify the LAN IP as source. You will then manually
select the outgoing interface there. Note that SDWAN rules are assessed
from to to bottom, so you will lik...
DNAT on Fortigate is configured using Virtual IPs. It's exactly the same
with or without SDWAN. See the below documentation for more
details:https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/728694/destination-nat
This mostly happens when you import config from another Fortigate unit.
The fix is simple, just delete both the free FortiTokens from Fortigate
GUI. A new button will then appear, which will allow you to download new
ones.