Description This article describes that when the Shared WAN dropdown in
the Site-to-Site IPsec VPN template is showing no entries, it usually
indicates that there are no interfaces that have the role of 'WAN' Scope
FortiGate v7.6. Solution When using...
Description This article describes when the Create New button is greyed
out in the Guest User Management Portal. Scope FortiGate. Solution In
the Guest User Management Portal, the create new button is greyed out:
Check the max account configured for ...
Description This article describes how to troubleshoot when encountering
'ERR_EMPTY_RESPONSE' message after attempting to access the FortiGate
outside interface for HTTPS management access via TCP port 443. Scope
FortiGate v7.6.1 and above. Solution ...
Description This article describes how to import an LDAP user by
searching username. Scope FortiAuthenticator. Solution Ensure the
configuration for the remote LDAP server is correct in Authentication ->
Remote Auth Servers -> LDAP: Configure the rem...
Description This article explains how to adjust the negotiation timeout
for the IPsec tunnel on a FortiGate device. Scope FortiOS 6.2 and above
Solution By default, the FortiGate IPsec negotiation has a 30-second
timeout. This means the FortiGate wil...
If it still does not work after creating a VIP and firewall policy, I
suggest collecting the debug flow from the FortiGate while you reproduce
the
issue.https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/38044/using-the-debug-flo...
I suggest running the sslvpn debug in the FortiGate while you connect to
the VPN to check why the connection fails. diag debug resetdiag vpn ssl
debug-filter src-addr4 diag deb app sslvpn -1diag deb
console timestamp enablediag deb enableTo troublesh...
Hello Hassan, I suggest running a debug flow and verify if the packets
are allowed/blocked by the FortiGate: diag debug flow filter clear diag
debug flow filter addr 172.30.1.138 anddiag debug flow filter
proto 1 diag debug flow trace start 100diag ...
I suggest running a debug flow and a packet sniffer to verify if the
traffic is hitting your PBR rule, also make sure to turn off the
offloading at the policy level to see them when you're
debugging:https://community.fortinet.com/t5/FortiGate/Trouble...
Hello Spike, It seems you're checking this log from the Application
Control log view, in which the mac address would not appear. Did you try
to check it from the Forward traffic logs? If you still don't see the
MAC address from the Forward traffic lo...
