Fortinet Community

athirat · 05-02-2023

Description This article describes issues that occur during VPN establishment due to 'signature verification failed' errors in IKE debug logs for an IKEv2 certificate based IPsec VPN. Scope All versions of FortiGate. Solution This error is seen if Fo...

athirat · 03-08-2023

Description This article describes how to increase the memory buffer for processing IP fragment packets on FortiGate to avoid drops due to 'ReasmFails' owing to a memory buffer overflow in environments where a large number of fragments are expected t...

athirat · 08-30-2022

Description This article describes about how to enable mac address bypass on FortiGate interfaces. MAC Authentication Bypass (MAB) is supported to accept non-802.1X compliant devices onto the network using their MAC address as authentication. Scope A...

athirat · 08-30-2022

Description This article describes how to troubleshoot authentication failures due to 'clock skew' SAML errors. Scope FortiOS 7.0.4 and later Solution 1) The SAML Assertion from SAML IDP is only valid for a specific duration which is declared in the ...

athirat · 07-28-2022

Description This article describes the possibilities of denying/limiting access to SSL VPN with IRDB database. Scope All FortiOS versions. Solution - IRDB database objects can neither be used in local in policies or SSL VPN setting. These objects can...

athirat · 11-21-2021

Could you share the below configuration snippet : show sys dhcp server RegardsAthira

athirat · 11-17-2021

Hello, Based on the description, issue could be due to the fact there is no route available/active towards the VPN remote gateway via wan2 in the routing-table. This is why it works when you add wan2 into SDWAN (since default route via wan2 gets acti...

athirat · 11-17-2021

Hello, Once HA reserved management interfaces are added on FGT , they are automatically mapped to a hidden vdom called vsys_hamgmt. The routing and ARP details on HA dedicated management interface are solely available in this vdom.You can check the r...

Fortinet Community

User Statistics

User Activity

Technical Tip: Understanding 'signature verification failed' errors in IKE debug logs in an IKEv2 certificate based IPsec VPN

Technical Tip: How to increase memory buffer for processing fragment packets

Technical Tip: How to enable mac address bypass on FortiGate interfaces

Technical Tip: Authentication fails with 'clock skew' errors in SAML debugs

Technical Tip: How to Limit SSL VPN access using IRDB database

Re: Problem adding DHCP option, says option is in use

Re: Ipsec and SD-WAN

Re: HA reserved management interfaces in a different VRF

Technical Tip: Authentication fails with 'clock sk...

Technical Tip: How FortiGate handles 'Untrusted SS...

Technical Note: How to limit the SSL and TLS versi...

Fortinet Training Institute