Re: ERR_SSL_PROTOCOL_ERROR on the newest Chrome 13...

sw2090 · 01-28-2025

Just ran into this issue and wanted to let you know: If on a policy the security profiles is disabled (which is the Fortnet default if all filters are empty) you are still forced to enter a ssl inspection profile. However if the profiles are disabled...

sw2090 · 10-25-2024

Following constellation: FortiGate with FOS 7.2.10FortiClient 7.2.5 on windows. IPsec tunnel witb psk and xauth against ldap usergroup on Authenticator and mode config. Behavior:- Tunnel connects- does psk auth and proposals- does mode config - gets ...

sw2090 · 10-01-2024

This recently has happened to us with our own Website and all our FGT. When one tries to access our website all one gets in Chrome is a QUIC Protocoll error.Looking at Chrome's netlog on a client affected I saw that it tried to use Cloudflare's ECH P...

sw2090 · 09-25-2024

We are planning to upgrade a bunch of FGT100F to 7.2.10 very soon. The official upgrade path states that this can be done in one single step. Did anyone already do that and did you experience any problems afterwards?Or was that just related to FOS <=...

sw2090 · 03-21-2024

I just ran into this: We have a Windows DHCP that has a scope for a vlan.the vlan interface on the FGT100E is set to do dhcp relaying to this Windows DHCP.the Windows DHCP also has dhcp option 138 set for all scopes it has.If I now connect a client t...

sw2090 · 01-28-2025

that is on line on the very bottom of that document...still weird to me that you cannot have DPI on its own on a policy...

sw2090 · 01-15-2025

your second policy will never be hit because traffic from port2 to port2 is within one subnet and will not hit the firewall.

sw2090 · 12-23-2024

At least in FOS 7.2. there is some bug with ipsec dial up and sdwan. Sdwan cannot correctly detect wether a dialup is up or not and in interface mode the interface itself is always up. This leads to sdwan not taking down unusable routes which causes ...

sw2090 · 12-22-2024

it will work if bothg FGT share at least the same interfaces or if the new one has interfaces the old one hadn't. I would not recommend using different FOS versions. Either upgrade the old one to the same FOS the new one runs or vice versa.

sw2090 · 12-22-2024

well alas your FMG runs 7.2 you should be able to add your 200G running on 7.2.8.

User Statistics

User Activity

SSL Inspection is being ignored

strange behavior on ipsec vpn

Sites that use Cloudflare DNS Proxy with ECH will not open behind a FortiGate

Upgrading FGT to 7.2.10 - your experience?

strange behaviour of dhcp relay

Re: SSL Inspection is being ignored

Re: New FortiGate Setup - Creating Firewall Policies

Re: FortiClient VPN IPSEC to SDWAN

Re: 60e to 60f changing the configuration version file and upgrading from 7.0.11 to 7.2.6

Re: Adding 200G into 100F FortiManaged Estate

Re: ERR_SSL_PROTOCOL_ERROR on the newest Chrome 13...

Re: ERR_SSL_PROTOCOL_ERROR on the newest Chrome 13...

Re: Disadvantage of using a internal CA issued cer...

Re: fortigate register & management from a Fortima...

Re: Two Ipsec Tunnels for Fortigate

Re: Mapping dynamic object configuration

Re: Buy Amazon Firewall

Re: Buy Amazon Firewall

Re: Buy Amazon Firewall

Re: Buy Amazon Firewall

Super User

User Statistics

User Activity

You are leaving our website