Re: sd-wan vpn

sw2090 · 02-04-2025

Heyho, just ran into this: On my FortiManager in an adom I added an IPSec VPN provisioning template in device manager. This has a phase1 and also a phase2. I had no problems with phase1. But I do have a big problem with phase2:I need to enter the sel...

sw2090 · 01-28-2025

Just ran into this issue and wanted to let you know: If on a policy the security profiles is disabled (which is the Fortnet default if all filters are empty) you are still forced to enter a ssl inspection profile. However if the profiles are disabled...

sw2090 · 10-25-2024

Following constellation: FortiGate with FOS 7.2.10FortiClient 7.2.5 on windows. IPsec tunnel witb psk and xauth against ldap usergroup on Authenticator and mode config. Behavior:- Tunnel connects- does psk auth and proposals- does mode config - gets ...

sw2090 · 10-01-2024

This recently has happened to us with our own Website and all our FGT. When one tries to access our website all one gets in Chrome is a QUIC Protocoll error.Looking at Chrome's netlog on a client affected I saw that it tried to use Cloudflare's ECH P...

sw2090 · 09-25-2024

We are planning to upgrade a bunch of FGT100F to 7.2.10 very soon. The official upgrade path states that this can be done in one single step. Did anyone already do that and did you experience any problems afterwards?Or was that just related to FOS <=...

sw2090 · 05-20-2025

if the clkient does not ask you for the token code you can try to simply append it to your password.

sw2090 · 05-20-2025

hm loosing your credentials is always a bad thing.There is only two ways to do a factory reset without having credentials: a) use the rest butten (if there is one. Not all FortiGates have it). Press it for some secs within a ,in after bootup to reset...

sw2090 · 05-06-2025

that depends on your ISP. However you must connect every cluster node to that wan. That alone might require a switch or router in between to have enough ports.In or case (that's active-passive cluster here anyways) the ISP router/box only gives us on...

sw2090 · 05-06-2025

just as a tip: ping is kernel based while http(s) is a service.So ping may work but http(s) may not.In this case you coud try to debug it on cli with somethng likedia debug enabledia debug app httpd/httpsd this will give you some debug log output tha...

sw2090 · 05-06-2025

Since DHCP is udp broadcasting that can only work within a subnet/Interface (except if you relay it) this is so called net-internal-traffic. That will not hit any policy. Your FGT will just receive the broadcasted DHCPDISCOVER and answers it with a D...

User Statistics

User Activity

FortiManager IPSec provisioning templates - phase2 partly broken?

SSL Inspection is being ignored

strange behavior on ipsec vpn

Sites that use Cloudflare DNS Proxy with ECH will not open behind a FortiGate

Upgrading FGT to 7.2.10 - your experience?

Re: Forticlient on Ubuntu

Re: Fortigate 30E Backup device against Problem device how to

Re: HA Active-Active Deployment – Clarification on WAN Connectivity Requirements

Re: FortiManager GUI Not Accessible inspite of being able to ping it

Re: Ensuring that Clients will only be getting IPs from authorized DHCP server

Re: sd-wan vpn

Re: ERR_SSL_PROTOCOL_ERROR on the newest Chrome 13...

Re: ERR_SSL_PROTOCOL_ERROR on the newest Chrome 13...

Re: Disadvantage of using a internal CA issued cer...

Re: fortigate register & management from a Fortima...

Re: Automatic Updates for FortiManager Integrated ...

Re: Configure DNS server

Re: SFP+ FortiLinks ports

Re: Mapping dynamic object configuration

Re: Buy Amazon Firewall

Super User

User Statistics

User Activity

You are leaving our website