Description This article describes how to get email notifications for
new firmware releases from FortiGate. Scope FortiGate v6.4 or above
Solution By creating an automation stitch, it is possible to get
automated notifications from FortiGate regardin...
Description This article explains how to convert an SSL VPN from split
tunnel mode to Full tunnel mode. Scope FortiGate v6.4 or later. Solution
Identify the portal which is under VPN ->SSL-VPN Settings Modify the
portal from 'Enabled Based on Policy ...
Description This article describes the process of converting an SSL VPN
Full tunnel configuration into a split tunnel configuration. Scope
FortiOS 6.4 or later. Solution For this conversion, modification is
required to two parts of configuration: SSL...
Description This article describes the issue when the firewall is not
coming up while upgrading the firmware. This problem may happen if the
upgrade path is not followed properly or any unwanted interruption
during the upgrade process. Let's consider...
Description This article describes the process of replacing the old
certificate with a new one in SSL VPN settings. Scope FortiGate v6.4 or
above. Solution There is two ways to accomplish this task. From GUI.
Locate the new certificate. Go to VPN set...
Are you trying IPsec dialup connection? If yes, in that case, you have
to use peer ID for both tunnels to work in the same time. The following
article as
reference.https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-use-Peer-IDs-to-selec...
You can try to force the traffic via wan2. For exampleconfig system
fortiguard set interface-select-method specify set interface wan2 set
source-ip 1.2.3.4end
This feature is only for Fortiget
GUIhttps://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-show-hostname-in-forward-traffic-log/ta-p/218709Your
syslog is receiving the raw log, IP should be resolved by that ssylog
server.
I believe the problem may be related to the Kyber Support implemented in
Chrome for TLS 1.3. Review the Chrome flags to verify the configuration.
You can do this by navigating to "chrome://flags/#enable-tls13-kyber.".
Try disabling that option and se...
If possible share a network topology and firewall config (if you have no
security concern)
https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/702257/configuration-backups