Technical Tip: IPSec VPN NAT-traversal

alif · 11-12-2024

Description This article describes the steps involved in establishing a secure connection between FortiGate and FortiGuard servers. Scope FortiGate, FortiGuard. Solution To establish a connection with a FortiGuard server, it is necessary to verify th...

alif · 10-01-2024

Description This article describes the instability of IPsec VPN tunnels terminated on PPPoE interfaces. Scope FortiGate. Solution Consider an IPsec VPN tunnel configured on FortiGate where FGT-I utilizes a PPPoE connection on the WAN interface. confi...

alif · 09-16-2024

Description This article describes the private data encryption feature restriction to super admin users introduced from FortiOS 7.6.1. Scope FortiGate v7.6.1. Solution Previously, an admin with 'cfg read-write' and 'cli-config enable' privileges coul...

alif · 08-26-2024

Description This article describes how to collect debugs from FortiGate via the FortiLightHouse tool. Scope All supported versions of FortiGate. Solution FortiLightHouse CLI or FlhCli is a monitoring tool that helps in collecting essential outputs fr...

alif · 07-25-2024

Description This article describes the steps to take in case FortiGate is affected by a DoS / DDoS attack. Scope FortiGate, DoS, DDoS. Solution In a DoS (Denial of Service) / DDoS (Distributed Denial of Service) attack, the attacker / bad actor overw...

alif · 11-07-2024

hi @ganesh_karale , It sounds like an unexpected behavior. Please open a ticket with Fortinet TAC and share the configuration along with the screenshot of the error for further investigation.

alif · 06-24-2024

Hi @aguerriero, Please disable offloading on firewall policy and see if the issue persists. If possible, please upgrade to FortiOS 7.4 version as well as it could be something specific on 7.2.

alif · 10-26-2023

Hi @RolandBaumgaertner72 , well it totally depends how you would prefer to have the setup. Without SD-WAN, you can modify the distance/priority settings as explained in the below link. https://community.fortinet.com/t5/FortiGate/Technical-Note-Routin...

alif · 10-26-2023

Hi @RolandBaumgaertner72 Thank you for reaching out the Fortinet community. If you prefer one WAN link over another, you can configure SD-WAN rules to prioritize traffic. SD-WAN rules are checked from top to bottom (first match). https://docs.fortine...

alif · 09-28-2023

hi @chendewu_520 There are only two methods supported for activating via FortiToken; Email and SMS.

User Statistics

User Activity

Technical Tip: Steps involved in secure connection between FortiGate and FortiGuard servers

Technical Tip: Instability of IPsec VPN Tunnels terminated on PPPoE interfaces

Technical Tip: Hardening - Improve private data encryption to limit enable/disable to super admin users on v7.6.1

Technical Tip: FortiLightHouse CLI: Monitoring Script to collect debugs on FortiGate

Troubleshooting Tip: Steps to perform in case of DoS/DDoS attack on FortiGate

Re: WebSocket is closed before the connection is established

Re: 200F, 7.2.8, EMAC VLANS, and Ansible HTTPAPI with intermittent failures

Re: SD WAN Configuration

Re: SD WAN Configuration

Re: The 2FA code activation email was blocked

Technical Tip: IPSec VPN NAT-traversal

Technical Tip: How to identify Inactive Routes in ...

Technical Tip: Configuring the Firewall Policy Rou...

Technical Tip: Instability of IPsec VPN Tunnels te...

Re: How to get access to this post

Re: MAC device and source zone

Re: Fortigate with older firmware stood new Fortic...

Re: "session clashed" issue in SDWAN configuration

Re: forticlient VPN on MacOS 10.14.6 white blank s...

Re: Setup Fortigate to communicate to Fortiweb

KCS