Technical Tip: Details about host check list and ...

nithincs · 03-27-2025

Description This article explains the scenario in which phase 2 of site-to-site VPN between FortiGate tunnels goes down and will not automatically come up. Scope FortiGate. Solution This behavior is expected when phase 2 'auto-negotiate' is kept disa...

nithincs · 03-21-2025

Description This article describes a technique to track when an admin user logged in and the reason for the same user session close due to the admin logging out, the admin disconnecting, or the admin time out. Scope FortiGate Solution When a user suc...

nithincs · 03-21-2025

Description This article describes how to use the DNS filter profile to filter and minimize Internet usage by interrupting client DNS queries. Scope FortiGate Solution Internet access to the different network segments is restricted by using security ...

nithincs · 02-26-2025

Description This article describes how to find out whether FortiGate was the initiator or responder during the BGP peering. Scope FortiGate. Solution FortiGate BGP neighbor command output consists of Connection status information, which provides deta...

nithincs · 02-26-2025

Description This articles describes the reason behind BGP status commands 'get router info bgp neighbors' and 'get router info bgp summary' not showing any neighbor information when BGP is configured with neighbor-group and range. Scope FortiGate. So...

nithincs · 07-24-2023

yes, you could achieve it. Make sure to add dailup tunnel subnet in phase2 selector of the site-site tunnel. in FGT1 source :10.5.41.0/24 dest :192.168.8.0/24in FGT2 source 192.168.8.0 dest :10.5.41.0/24 In FGT2, add a routeto 10.5.41.0 via tunnel in...

nithincs · 05-22-2023

Hi Imel, I believe, you need to create ip pools for each nat ip address. Later call the same in specific soucre and destination policy. Please refer to https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-SNAT-with-IP-pool/ta-p/...

nithincs · 05-22-2023

hi, the script is correct. You can also follow alert mail for concerve mode and logs collection https://community.fortinet.com/t5/FortiGate/Technical-Tip-Automation-stitch-for-the-conserve-mode/ta-p/240696#:~:text=FortiGate%20by%20default%20turns%20o...

nithincs · 05-08-2023

hi Abel,Please make sure you have spit tunnel enable in the sslvpn so you that only remote subnet are pointing todards sslvpn adaptor in local pc. Better to check routing-table in the pc before and after connecting to sslvpn. use "route print" if its...

nithincs · 08-23-2022

Hi, Please try the solution provided in https://community.fortinet.com/t5/FortiGate/Technical-Tip-Error-The-VPN-server-may-be-unreachable-14-for/ta-p/190882

User Statistics

User Activity

Troubleshooting Tip: Phase1 is up yet phase2 is down after IKE rekey or tunnel flap

Technical Tip: How to track login and logout of specific admin access.

Technical tip: Using FortiGate DNS filter to reduce the inspection of encryted traffic and FortiGate resource usage

Technical Tip: How to find whether FortiGate was a BGP peering initiator or responder

Troubleshooting Tip: No BGP neighbor information in FortiGate when configured with neighbor-group

Re: Can remote FortiClient user get access to local lan connected over syte-2-syte tunnel?

Re: Dynamic NAT

Re: Restart Fortigate http/gui processes automatically because of a memory leakage

Re: Printer behind FortiClient not accessible

Re: FortiClient VPN connection error (-14)

Technical Tip: Details about host check list and ...

Technical Tip: Log action messages 'Accept: sessio...

Technical tip: Using FortiGate DNS filter to reduc...

Technical Tip: Virtual wire pairs

Troubleshooting Tip: Not able to ping the Ipsec VP...

KCS

Fortinet Training Institute

User Statistics

User Activity

You are leaving our website