Hi everyone,I’ve deployed an IPsec dial-up VPN to allow users to connect
via FortiClient.The VPN uses IKEv2 and a RADIUS server, and all users
belong to the emergency group.After configuring FortiClient with all the
correct phase 1 and phase 2 parame...
Hi,I have a customer who currently uses two WAN connections: a primary
one (Swisscom) and a secondary one (Horizon).Some services are also
exposed only on the primary WAN.They asked if it’s possible to combine
the two connections so that, in case the...
Hello,i'm stuck in creating an Ipsec dialup vpn ikev2 with cisco
DUO.During the Phase1 negotiation i see errors on the EAP failing
negotiation, following the screenshot directly from the firewall gui and
the log taken from cli.I double checked all th...
Hello, i'm trying to set up a Dialup ipsec vpn with cisco Duo as Mfa in
order to allow remote users to connect to my company.The fortigate
version 7.4.7 has 4 Vdoms (root + internet, mydmz, myvpn).the internet
vdom is used to manage internet traffic ...
Hello, i need to delete a test ipsec dialup vpn, this vpn has no
reference but i'm unable to delete neither in cli nor in gui.It was
firstly created via the vpn wizard and then changed to custom vpn.I also
create a loopback and associated it instead ...
Hello,i followed the steps in the marked solved post, noting more, it
was and easy task, one you have the new virtual instance you just import
the old configuration and change the new FAZ ip on the firewall, it
pretty all.
Hello @AEK ,this is a great advise, thank you so much.I don't have the
EMS version of forticlient so am i still able to modify the xml file as
per this guide?
https://docs.fortinet.com/document/forticlient/7.4.0/new-features/907253/eap-ttls-support-f...
Hi, the radius accepts PAP method, if i change to ms chapv2 on fortigate
and test the credential if fails.What do you mean with "EAP method is
aligned between both ends", do i need to check if the are both using PAP
rather than MS-chapv2?
I've almost the same issue, but i'm using radius instead of ldap, and no
EMS.i'm using 2 dial up vpn, one with Cisco Duo as Mfa and radius and
the other one with another radius and no mfa. the first once is ok, but
the second one fails every time wit...
