Fortinet Community

sw2090 · 05-18-2022

I ran into an issue here: I have a zone with several members.Now I need multicast forwarding for airprint between two members of that zone.intra-zone-traffic is blocked (per default) which is wanted that way.So any traffic has to be explicitely allow...

sw2090 · 12-01-2021

Hiho, there is an old bug in FortiOS and FortiManager that allows you to set too long Phase1 names. This can cause problems wenn the FGT runs out of space on creating new dialup instances due to enumeration. This means: when you create a dial up ipse...

sw2090 · 10-08-2021

just encountered this: IPSec Dial Up does allow concurrent tunnels. To make sure it can handle each one it enumerates the tunnels. Good so far.Though the Gui (and the FOrtimanager gui also) allow you to enter too long p1 names.If you p1 name is too l...

sw2090 · 09-01-2021

Hiho, I have an adom which used to bei v6.2 before. As long as it was 6.2 all worked fine even after upgrading the FortiManager to v6.4. Once I upgraded the adom (and the global adom as it provides objects that are used in that adom) to v.6.4 I canno...

sw2090 · 07-07-2021

I have this constellation: FGT100E with a FEX connected to it via capwap.FGT has authorized the FEX and added a device ofor it.All wans plus FEX are members of sd-wan. All wans except FEX are part of SD-WAN health check.I kept FEX out because it shou...

sw2090 · 08-16-2022

and yes its "route print" on windows. Or "netstat -rn" on MacOSX. Or just "route" on Linux :)

sw2090 · 08-16-2022

without split tunneling it should work if that default route (over the tunnel) is the only one or has the lowest metric.The big contra of this is that it would also send all your internet traffic through the tunnel. So in order to still have internet...

sw2090 · 08-16-2022

Caveat: there is one bug in FortiOS: on dial up vpns FOS does not subtract the digits used for the suffix from the maximum name length of your tunnel. Since FOS supports 1000 concurrent connections the suffix takes up to 5 digits (_xxxx). Due to that...

sw2090 · 08-16-2022

I guess 192.168.2.16 is the remote end of your vpn (i.e. yoour FGT). If it gets that as default gw that would mean either split tunneling is not enabled or split tunneling does not work for some reason.In this case the routing table of your client wo...

sw2090 · 08-12-2022

You don't need NAT here since your FortiGate is the Gateway on both "endpoints" and the FGT does have an interface in both subnets. NAT might even be contra-productive here.Try to disable it. The rest of you policies looks good so far. Basically all ...

Fortinet Community

User Statistics

User Activity

Intra-Zone Multicasting

IPSec Dialup Tunnel enumeration reset?

Weird behaviour of Dial Up IPSec

cannot deploy policy package after adom upgrade to 6.4

FortiExtender in SD-Wan Rule not working

Re: forticlient vpn issue from windows 11 laptop, OS version 7.2.0

Re: forticlient vpn issue from windows 11 laptop, OS version 7.2.0

Re: Help undersanding VPN

Re: forticlient vpn issue from windows 11 laptop, OS version 7.2.0

Re: What is missing - Routing, NAT or Policy

Re: Super excited about this new Community / Self-...

Re: VLANs on FortiGate 40F

Re: VLAN access from a different switch

Re: VPN connection not working after update to Ubu...

Re: SSL VPN FQDN

Re: VLAN access from a different switch

Re: Site to Site Custom tunnel with VLAN

Re: 40F ipsec VPN internet access through VPN tunn...

Re: Lost internet connection when using forticlien...

Re: Lost internet connection when using forticlien...

News & Articles

Security Research

Company

Contact Us