Technical Tip: FortiGate Firmware Downgrade for Mi...

jiahoong112 · 10-02-2024

Description This article describes how to ensure the captive portal on Apple devices is working after performing the initial configuration from here: FortiAuthenticator as a Wireless Guest Portal for FortiGate To verify whether the initial captive po...

jiahoong112 · 10-01-2024

Description This article describes that there may be times when the BGP neighbors may show up as Idle (Admin). This is usually seen when the neighbor, interface has been administratively disabled or shut down. Sometimes this is even when the interfac...

jiahoong112 · 09-11-2024

Description This article describes that logging into the FortiSASE instance results in an error message, ‘user login failed’. This is because of the recent change as per https://status.fortisase.com where sub-users have been deprecated in FortiCare/F...

jiahoong112 · 09-02-2024

Description This article describes how to use PCAPdroid to troubleshoot Fortinet products. PCAPdroid is an Android application that can be downloaded from the Google Play Store to perform packet captures on the device. This can be useful when trouble...

jiahoong112 · 07-01-2024

Description This article describes how to check the kernel version on FortiGate. Scope All currently supported versions of FortiOS. Solution In the CLI, run this command: fnsysctl cat /proc/version The result of the command should look like this: Som...

jiahoong112 · 07-02-2024

Even for this, you can follow the 'Dual Region' configuration but with the same AS number in the BGP settings to ensure both Hubs and all Spokes are in the same iBGP AS. The Spokes from different region (different eBGP AS) will still end up forming s...

jiahoong112 · 07-02-2024

The SSL inspection that you were using, was it regular certificate-inspection or deep-inspection? That aside, what security profiles did you have Enabled on the specific firewall policy? Adding an ssl exemption for *.google.com as google drive would ...

jiahoong112 · 07-02-2024

You may find the PDF in this document helpful, page 76 where there is explanation on Dual Hub set up: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Fortinet-Auto-Discovery-VPN-ADVPN/ta-p/195698 Making the Hubs, spokes of each other is not...

jiahoong112 · 07-01-2024

FortiClient is not innately supported on ARM devices and the workarounds may or may not work. To save yourself the hassle, I would highly recommend you to purchase/exchange for a non-ARM based Surface Pro

jiahoong112 · 07-01-2024

As you are seeing traffic enter the ipsec tunnel on both sides, do you see packets being received on both sides as well? Besides phase1 and phase2 selectors being up and configured correctly, please check whether the firewall policy, routing are conf...

User Statistics

User Activity

Technical Tip: Captive Portal on Apple devices

Technical Tip: BGP Neighbor in Idle (Admin)

Technical Tip: Migrating Sub-Users to IAM Users in FortiCloud - FortiSASE error message ‘user login failed’

Technical Tip: Perform Application Based packet capture on Android devices using PCAPdroid - Fortitoken Mobile, FortiClient, FortiExplorer

Technical Tip: How to check Kernel version of FortiGate

Re: SDWAN ADVPN Dual Hub Question

Re: Google Drive App Does Not Sync With Web App

Re: SDWAN ADVPN Dual Hub Question

Re: Forticlient VPN ARM processer

Re: VPN IPSec between private peers ip

Technical Tip: FortiGate Firmware Downgrade for Mi...

Technical Tip: How to install FortiClient on Ubunt...

Technical Tip: Check the SSH encryption algorithm ...

Re: Help with poor Wifi performance and possible W...

Troubleshooting Tip: 'Image upgrade failed. Firmwa...

Re: How to use a different certificate instead of ...

Re: Looking for clarification on Firmware updates

Re: Allow policy for dynamic remote IP

Re: Syslog over TLS with local CA - has anyone got...

Re: What is Interfering SSIDs ?

KCS