Re: sd-wan vpn

sw2090 · 02-04-2025

Heyho, just ran into this: On my FortiManager in an adom I added an IPSec VPN provisioning template in device manager. This has a phase1 and also a phase2. I had no problems with phase1. But I do have a big problem with phase2:I need to enter the sel...

sw2090 · 01-28-2025

Just ran into this issue and wanted to let you know: If on a policy the security profiles is disabled (which is the Fortnet default if all filters are empty) you are still forced to enter a ssl inspection profile. However if the profiles are disabled...

sw2090 · 10-25-2024

Following constellation: FortiGate with FOS 7.2.10FortiClient 7.2.5 on windows. IPsec tunnel witb psk and xauth against ldap usergroup on Authenticator and mode config. Behavior:- Tunnel connects- does psk auth and proposals- does mode config - gets ...

sw2090 · 10-01-2024

This recently has happened to us with our own Website and all our FGT. When one tries to access our website all one gets in Chrome is a QUIC Protocoll error.Looking at Chrome's netlog on a client affected I saw that it tried to use Cloudflare's ECH P...

sw2090 · 09-25-2024

We are planning to upgrade a bunch of FGT100F to 7.2.10 very soon. The official upgrade path states that this can be done in one single step. Did anyone already do that and did you experience any problems afterwards?Or was that just related to FOS <=...

sw2090 · 04-29-2025

hm we are using FMG with several FGT for years now. As far as firmware upgrades are concerned: our FMG never automatically updated any FGT. It probably would if you set up a firmware template that tells it to do so. It can do scheduled upgrade on dem...

sw2090 · 04-28-2025

oh forgot to mention: sdwanvpn will not work correctly with dialup tunnels at least when they are in iterface mode because it cannot correctly determine the tunnel statuses due to dial up connections being enumerated.

sw2090 · 04-28-2025

As long as you don't want redundance/failover there is no need for sdwan.if you need/want redundance/failover then sdwan is the easiest way.Just configure two ipsecs that have the same destination (p2 quickselectors) and create an sdwan-zone with the...

sw2090 · 04-23-2025

well if the public ip is direclty on the wan interface of the Fortigate you can connect directly.In the other case you have a hop in between (modem) so the Fortigate does not directly have the public ip of this wan. For IPSec that means that you may ...

sw2090 · 04-02-2025

yes FortiCLient VPN does support both it just doesn't support EMS features and TAC won't support it.

User Statistics

User Activity

FortiManager IPSec provisioning templates - phase2 partly broken?

SSL Inspection is being ignored

strange behavior on ipsec vpn

Sites that use Cloudflare DNS Proxy with ECH will not open behind a FortiGate

Upgrading FGT to 7.2.10 - your experience?

Re: Automatic Updates for FortiManager Integrated with FortiGate question.

Re: sd-wan vpn

Re: sd-wan vpn

Re: sd-wan vpn

Re: Free FortiClient

Re: sd-wan vpn

Re: ERR_SSL_PROTOCOL_ERROR on the newest Chrome 13...

Re: ERR_SSL_PROTOCOL_ERROR on the newest Chrome 13...

Re: Disadvantage of using a internal CA issued cer...

Re: fortigate register & management from a Fortima...

Re: Automatic Updates for FortiManager Integrated ...

Re: Configure DNS server

Re: SFP+ FortiLinks ports

Re: Mapping dynamic object configuration

Re: Buy Amazon Firewall

Super User

User Statistics

User Activity

You are leaving our website