I have an interface mode IPsec tunnel that uses NAT on a outbound policy
to match the interface address and a VIP on the inbound to NAT inbound
to a different address. I need to create a backup tunnel. The other
endpoint is watchguard (i think) and c...
To make it worse this new "free VPN only" client has eliminated the
option to allow "VPN before logon". This makes the client useless if you
want remote users to do a true domain logon wherever they are. I even
backed up the Forticlient config and ed...
So I'm running 6.0.4 and I ran 'set url-obfuscation enable' from conf
vpn ssl settings. I then would get the error below about 'hsts' if I
tried to access the portal by name (and note I'm using the built-in self
signed cert so it won't match the name...
It appears that FOS 4.3.x or 4.2.x didn' t use the more current and
(heartbleed)vulnerable SSL implementation and therefore requires no
change or is this incorrect? Release notes in 5.0.7 don' t cover this
nor does the Fortinet advisory. Thanks!
I think I found the article you' re referring to. In that post someone
says you can' t map a VIP to a zone. Is that correct? If so, that would
mean what I described won' t work. The whole reason I was going to
create a zone was because the FGT won' t...
