Troubleshooting Tip: 'Installed firmware is not si...

iskandar_lie · 06-13-2023

Description This article describes why FortiGate sends a reset to the destination in the NAT64 scenario and how to resolve the issue. Scope FortiOS 7.0.x and later. Solution Consider the scenario where the implementation is done in the cloud environm...

iskandar_lie · 06-01-2023

Description This article will explain why IP address under IPS quarantined list is still able to access SSL VPN interface. Scope FortiGate. Solution Consider the scenario: diagnose user quarantine list The user with IP address 192.168.1.3 still can a...

iskandar_lie · 06-01-2023

Description This article will show how to correctly design the LACP bundling to FortiGate HA active-passive. Scope FortiGate HA. Solution In order to bundle the LACP interface facing to FortiGate HA active-passive, it is necessary to understand that ...

iskandar_lie · 05-30-2023

Description This article describes a successful use case for monitoring an SSL VPN certificate expiry check using N-Central. Scope FortiOS. Solution Scenario: 1) The user is deploying the SSL VPN certificate for an SSL VPN connection in either web or...

iskandar_lie · 05-30-2023

Description This article describes how to resolve an intermediate certificate issue that triggers a 'Fortinet Untrusted CA' error to occur while browsing the web. Scope Any supported version of FortiOS. Solution Consider the following scenario: 1) Th...

iskandar_lie · 05-12-2022

Hi Michael, do you use split-tunnel? If yes. So whenever the you are connected to vpn - you will get route injection for internal subnet - that you wish to access from ssl-vpn. You can check if the route is there on your client station whenever it di...

iskandar_lie · 05-11-2022

Hi,we may have different opinion and point-of-view how we see the thing is done. But for me, just to make slave become primary in A-P configuration - should not cause the failover as long as all parameter is well maintained like monitoring port, upti...

iskandar_lie · 05-10-2022

Hi, Under the security profile, start from Antivirus, and so fort - they are UTM. You can enable it by pressing the slide. this is to clarify you question about UTM and Sec. events :https://community.fortinet.com/t5/FortiGate/Technical-Tip-Difference...

User Statistics

User Activity

Troubleshooting Tip: NAT64: FortiGate sends reset to destination

Technical Tip: IP address under IPS quarantine list is still able to access SSL VPN interface

Technical Tip : LACP bundling diagram guide between stacked switch and FortiGate High Availability active-passive

Technical Tip: N-Central for SSL VPN certificate monitoring

Troubleshooting Tip: 'Fortinet Untrusted CA' when browsing certain websites

Re: LINUX WIFI/Hotspot Connection Issue - SSL-VPN

Re: Shutting down the Primary of an HA pair

Re: If I Put UTM in the firewall policy will it collect logs?

Troubleshooting Tip: 'Installed firmware is not si...

Technical Tip: SSL Deep Inspection basic behavior

Technical Tip: Implement Hub and Spoke or point to...

Technical Tip: Implement Source-NAT for IPsec inte...

Technical Tip : Basic Command for Investigating F...

Re: If I Put UTM in the firewall policy will it co...

KCS