Re: How to wake FortiGate up when it goes into sta...

rtanagras · 12-16-2024

Description This article describes a scenario where group matching for SSL VPN authentication on FortiGate was not functioning correctly with DUO SAML for multiple Active Directory groups. Scope FortiGate. Solution Since DUO does not provide an Objec...

rtanagras · 10-23-2024

Description This article explains how to manage untagged traffic on a FortiGate interface. By default, untagged traffic arriving on a FortiGate interface is processed by the physical interface itself. This means that the physical interface handles th...

rtanagras · 10-14-2024

Description This article describes essential steps to harden FortiGate SSL VPN configurations. It covers key practices such as changing the default SSL VPN ports, implementing DoS policies to block port scans, disabling unnecessary portal modes, and ...

rtanagras · 05-30-2024

Description This article explains how to set up Microsoft Entra Domain Services with secure LDAP and connect it to FortiGate. Follow the steps to add a custom domain, configure Entra Domain Services, enable secure LDAP, and import certificates. Comma...

rtanagras · 04-29-2024

Description This article is designed to automate the backup process of a FortiGate device's configuration to a TFTP server. It utilizes SSH to connect to the FortiGate and execute the backup command periodically at a specified interval. The script al...

rtanagras · 10-14-2024

Hi @heye - As far as I know, if there are no interfaces added to that SDWAN Zone, it is disabled by default. However, once an interface is added, it should turn green, indicating that the Zone is up.

rtanagras · 08-29-2024

Hi @Staphisco - Yes, it will essentially become a separate network, so you'll need to allow it on the FortiGate depending on your configuration. Where are you getting your DHCP from, is it also from the FortiGate?You might try making the hardware swi...

rtanagras · 08-29-2024

Hi @grod777 - Glad to hear that it's working now. It might have been due to the initial session where traffic was routed out through the WAN interface. The issue arises when creating a new session with the exit interface set to IPSec, which can cause...

rtanagras · 08-29-2024

Hi @Dattatray - I think that's only possible if you format the device with a 7.2.8 image and manually convert the config file, or use the FortiConverter app to automatically handle the conversion. Upgrading and downgrading have become more strict sta...

rtanagras · 08-29-2024

Hi @Staphisco - As far as I know, if your FortiSwitch is not part of FortiLink, you cannot manage it directly from your FortiGate firewall. So, FortiSwitch managed by FortiGate must be part of FortiLink. Since it's standalone, you need to manage it d...

User Statistics

User Activity

Technical Tip: FortiGate SSL VPN and DUO SAML Integration for Active Directory Group Authentication

Technical Tip: Managing Untagged Traffic on a FortiGate Interface

Technical Tip: Hardening FortiGate SSL VPN - Best Practices for Enhanced Security

Technical Tip: Configuring Microsoft Entra Domain Services with LDAPS for FortiGate -Azure LDAPS

Technical Tip: FortiGate Automated Configuration Backup in Bash Script

Re: SD-WAN Zone (virtual-wan-link) with Disabled Status

Re: FortiSwitch standalone offline

Re: Fortigate Cant access Fortiguard

Re: Downgrade the device from v7.4.3 to v7.2.8 without active license and registration.

Re: FortiSwitch standalone offline

Re: How to wake FortiGate up when it goes into sta...

Re: ADVPN IBGP Advertisement & Overlay Cross conne...

Re: GRE Tunel not working after 7.4.1 > 7.4.3

Re: "Incorrect certificate file format for CA/LOCA...

Re: FortiLink VLAN Optimization

Re: Downgrade the device from v7.4.3 to v7.2.8 wit...

Re: FortiSwitch standalone offline

Re: How to wake FortiGate up when it goes into sta...

Re: Fortigate 7.2 SDWAN + ADVPN

Re: my firewall 40F have future version in firmwar...

KCS