Troubleshooting Tip: Stop the captive portal trigg...

Patterson · 10-08-2024

Description This article describes how to validate the on-fabric rule match status on endpoint using the Forticlient Diagnostic Tool. Scope FortiSASE. Solution Once the configuration is completed according to the following admin guide for on-fabric d...

Patterson · 08-26-2024

Description This article describes how to troubleshoot FortiClient (FCT) management connection issues with FortiSASE. Scope FortiSASE, EMS. Solution EMS is one of the backend components in FortiSASE, and FortiClient uses a telemetry connection for ma...

Patterson · 08-18-2024

Description This article describes how to perform an SSL VPN debug specific to a Point of Presence (PoP) in FortiSASE. Scope FortiSASE. Solution In FortiSASE, customer access to backend devices is limited, which restricts advanced troubleshooting cap...

Patterson · 08-11-2024

Description This article describes troubleshooting when there is no ARP reply for a VIP or IP pool IP. Scope FortiOS v7.0 and above. Solution Imagine a scenario where having configured a new VIP or IP pool, or modified an existing one. After making t...

Patterson · 11-20-2023

Description This article describes how to enable SAML auth with G Suite. Scope FortiSASE (SP), G Suite (IDP), FortiSASE v23.4.17, SSO. Solution Login to FortiSASE account https://portal.prod.fortisase.com/ and navigate to Configuration -> Authenticat...

Patterson · 07-29-2023

Hi @yeowkm99 Based on the update, I understand that from Firewall Lan IP as a source your not able to ping other network. Also when you mentioned that from Lan to Lan reachability is fine, Was this validated from both direction? Is Nat enabled on the...

Patterson · 07-18-2023

@Akmostafa , Can you confirm if your have the FGT added to FAZ(which is having IOC license). Also check if the blocked user source is getting listed for the below command. diag user quarantine list or diag user banned-ip list

Patterson · 07-16-2023

Hi @joshow , I missed the part of cert error mentioned. As checked the CN/SNI in SSL certificate we not get matched even with deep-inspection. Suggesting to use Web-filter along with DNS-filter. Regards, Patterson

Patterson · 07-16-2023

Hi @joshow , I understand that your looking for a replacement message if the DNS filter is blocking the access based on your configuration. Since this is a DNS query initiated, FGT can't responds back with http responds. Instead we have the option to...

Patterson · 01-05-2023

Hi Vassilis, I think we got the issue !!! Please change the Action execution from Parallel to Sequential. The issue was occurring for me also, when set to parallel... Regards, Patterson

User Statistics

User Activity

Technical Tip: Validating On-Fabric Rule Match Status on Endpoints Using the FortiClient Diagnostic Tool

Technical Tip: How to troubleshoot FortiClient (FCT) management connection issue with FortiSASE

Technical Tip: How to perform an SSL VPN debug on a specific Point of Presence (PoP) in FortiSASE

Technical Tip: How to Troubleshoot 'No ARP Reply for VIP or IP Pool IP'

Technical Tip: FortiSASE VPN User SSO with G Suite

Re: FG100F LAN interface traffic

Re: Denied traffic on non utm non implicit policy

Re: DNS Filtering

Re: DNS Filtering

Re: %%result%% is not working in Body of Email

Troubleshooting Tip: Stop the captive portal trigg...

Technical Tip: How to Troubleshoot 'No ARP Reply f...

Technical Tip: How to troubleshoot FortiClient (FC...

Technical Tip: How to perform an SSL VPN debug on ...

Technical Tip: How to restore Image via URL/HTTP

Re: %%result%% is not working in Body of Email

KCS