Hi,after updating to v6.2.11 some connections via the explicit proxy
failed, the error was "504 Gateway Timeout".In my case the explicit
proxy used a different source IP for connections over a VPN. This failed
because the new source IP was not part o...
Hi,the Fortigate has the vip type "server-load-balance" for a while and
some features eg https offloading and cookie persitence looked
promising, but there was a bug in the cookie handling that spoiled it
all.Since FOS 6.4 this is fixed and we use th...
Hi,we see strange tunnel-stats of remote access VPNs that might point to
an issue. There are some complaints coming from users about stale
tunnels, but because of the current situation there is too much
happening at the same time to correlate things....
Hello forum, we have a box with many VPN tunnels, but one is giving me a
headache.I like to do a long term debugging, because FortiAnalizer has
not the necessary details like dpd messages. My best method currently is
to run a "screen" session with ou...
Hello, has anyone tried to connect to a FortiManager via SSLVPN and SSO?
config looks like that: config vpn ssl web portal edit "FortiManager"
... config bookmark-group edit "gui-...
Hi @jintrah_FTNT , my box has FOS6.4.9. If I turn on http-multiplex for
a VIP, the SNAT-Pool is ignored and the interface VIP is used to connect
to the real server. If I turn it off (and wait for sessions to time out)
SNAT works again.Just ran a tcpd...
Hello @jintrah_FTNT ,ok, to put it more clearly: there is no column for
VIP, so you can not filter on it. It is possible to check every log
lines details to find the VIP. But ist is not the same as with FAZ,
where you can see the VIP as a column and ...
Hi @jintrah_FTNT , yes, but if you look closely, you see that the circle
only shows the "Mode" not the "Status". So in your case you have two
servers down (means your service is offline!) and the circle looks all
good. Not what you expect, right? The...
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.