Description This article describes the basic requirements that must be
met when configuring LACP between HA FortiGates and Nexus Switches
configured for vPC. Scope FortiGate (all models/versions); Cisco Nexus
switches. Solution As a primer, LACP link...
Description This article discusses a previously undocumented limitation
about how many interfaces can be set when configuring Multicast Routing
on the FortiGate (i.e. via PIM sparse-mode). The article also discusses
the functional effects of this lim...
Description This article describes the general requirements for
configuring NAT46 and NAT64 when using NGFW Policy-mode (which also
includes Central-SNAT) on FortiOS 7.0.1 and later. In FortiOS 7.0.1, the
NAT46/NAT64 features underwent a major redesi...
Description This article describes how to configure the FortiGate with
an External Connector using the STIX/TAXII protocol. AlienVault (aka
Alien Labs Open Threat Exchange) is the threat-feed provider used in
this article as an example, and so the st...
Description This article describes the authentication-related
limitations that an administrator will encounter when configuring the
Wireless SSID for WPA2-Enterprise and Local Authentication on the
FortiGate, rather than using the RADIUS Server authe...
I recommend checking out these Community KB articles for SSL-VPN and
IPsec:https://community.fortinet.com/t5/FortiGate/Technical-Tip-Enabling-split-tunnel-feature-for-SSL-VPN/ta-p/198108https://community.fortinet.com/t5/FortiGate/Technical-Tip-Enable...
Unless I'm missing something, it looks to me like Source NAT isn't
turned on for Policy 15, the SSL-VPN to Internet policy.You're using a
full-tunnel SSL-VPN (set split-tunneling disable), so all traffic is
shuttled over the VPN in this case, but you...