Hi We have 2 Fortigate 300D running FortiOS 5.4.7 in a HA A-A cluster.
Our users are authenticated to our Fortigates by 2 ways: 1) FSSO using
the Active Directory collector agent for domain joined machines, and 2)
RSSO using Radius Accounting from ou...
Hi AllWe have 2 WAN interfaces connected to our Fortigate 300D from 2
separate ISPs. We want to use ISP A at all times unless it is down, in
which case we fail over to ISP B.I've done this before using Dead
Gateway Detection in Fortigate on previous ...
Hi AllNot really sure how to do this (or if its possible). Essentially I
want to ensure traffic (which is normally unencrypted) can be sent
securely accross the internet. I can't create a "route based VPN"
between the two sites. All I need to do is c...
Hi All We've managed to get IPv6 dual stack working through our
Fortigate and we've setup stateless configuration for clients. However,
the stateless config doesn't set the DNS for the client. I can't seem to
find any info on how to fix this. Any one...
Hi All We have setup a basic IPSEC VPN using Forticlient and the Wizards
in a Fortigate 100D. Rules allow traffic to two different subnets
internally from the VPN connected users. However, we'd like to only
allow certain users to access one subnet. A...
The logs on the destination Fortigate show the following: peer SA
proposal not match local policy I have read that this could be caused by
the fact that we also have a dial up VPN configured on the same
Fortigate and they are conflicting.
If I set the Fortigate Web UI to use the same certificate that I've
imported, connectivity to it works fine. Firefox shows the connection
details as using TLS_DHE_RSA_WITH_AES_128_CBC_SHA, 128 bit keys, TLS
1.2. My real server (10.101.1.2) on port 44...
