Technical Tip: FortiGate Firmware Downgrade for Mi...

jiahoong112 · 05-22-2025

Description This article describes what to do when client devices behind a CGNAT network fail to connect to FortiSASE VPN. Scope FortiSASE. Solution Follow this KB ARTICLE to perform a capture using Fortinet Support Tool on FortiSASE: Technical Tip: ...

jiahoong112 · 04-01-2025

Description This article describes what is required to access internal HTTP/HTTPS resources with 'apptype web'. Agentless ZTNA Access Proxy portal is a new feature as of 7.6.1: ZTNA agentless web-based application access 7.6.1 To initiate the configu...

jiahoong112 · 02-27-2025

Description This article describes how to activate FortiToken Mobile without Email nor SMS. Scope FortiGate v6.4, v7.0, v7.2, v7.4, v7.6 Solution On the cli, run the following commands: diag debug app alertmail -1 diag debug enable In this example, a...

jiahoong112 · 01-06-2025

Description This article describes how to configure multiple active default routes that exist simultaneously in the routing table. Default routes here refer to routes to the internet. For example, regular connection to the internet for client devices...

jiahoong112 · 10-02-2024

Description This article describes how to ensure the captive portal on Apple devices is working after performing the initial configuration from here: FortiAuthenticator as a Wireless Guest Portal for FortiGate To verify whether the initial captive po...

jiahoong112 · 05-01-2025

You may opt to use link-monitor as well: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Link-Monitor-Explained/ta-p/197504it behaves similarly to sdwan's performance sla

jiahoong112 · 05-01-2025

Yes, this can be achieved using sdwan. Ensure both of these ipsec tunnels are configured with sdwan rules and performance sla so that failover works seemingly. https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configure-IPsec-VPN-with-SD-WAN/...

jiahoong112 · 05-01-2025

this vpn failover feature requires EMS to work: https://docs.fortinet.com/document/forticlient/7.0.0/ems-administration-guide/950344/configuring-a-backup-vpn-connection within the free version of forticlient, this is not supported.

jiahoong112 · 04-06-2025

the wildcard certificate will only apply if the method you are connecting to the sslvpn is fqdn based. in this case, you'll have to bind your public ip with fqdn or use FortiDDNS: https://docs.fortinet.com/document/fortigate/7.6.2/administration-guid...

jiahoong112 · 03-10-2025

You can configure sdwan performance sla health-checks: https://docs.fortinet.com/document/fortigate/7.6.2/administration-guide/867342/performance-sla-overview At its most basic, Performance SLA health-check continuously pings a specified server to ch...

User Statistics

User Activity

Troubleshooting Tip: Users connecting from CGNAT network are unable to connect to FortiSASE

Technical Tip: Agentless ZTNA Access Proxy Portal unable to access internal HTTP/HTTPS resources using ‘apptype web’

Technical Tip: Activating FortiToken Mobile without Email nor SMS

Technical Tip: Multiple Active Concurrent Default Routes

Technical Tip: Captive Portal on Apple devices

Re: How to Configure Redundant IPsec Tunnels over SD-WAN Links

Re: How to Configure Redundant IPsec Tunnels over SD-WAN Links

Re: FortiClient Remote Access VPN – Automatic Failover Without EMS

Re: Can I secure SSL VPN with a wildcard cert, if SSL VPN is IP based?

Re: Monitoring from FortiGate

Technical Tip: FortiGate Firmware Downgrade for Mi...

Technical Tip: SD-WAN Best Quality (SLA) Customize...

Technical Tip: How to install FortiClient on Ubunt...

Technical Tip: Check the SSH encryption algorithm ...

Re: Help with poor Wifi performance and possible W...

Re: How to Configure Redundant IPsec Tunnels over ...

Re: FortiClient Remote Access VPN – Automatic Fail...

Re: Captive Portal in Firewall Policies

Re: How to use a different certificate instead of ...

Re: Looking for clarification on Firmware updates

KCS

User Statistics

User Activity

You are leaving our website