Description This article explains the basic troubleshooting steps when
'Fortinet Single Sign On (FSSO) for SSL-VPN users' using syslog is not
working. Scope FortiGate, FSSO. Solution Once the configuration is done,
there are chances that the user inf<!-- --><!-- --><!-- --><!-- --><!-- --><!-- --><!-- -->...
Description This article describes how to use a custom certificate for
FortiGate block pages. Scope FortiGate. Solution It is often possible to
see a firewall giving a block page. However, the user machine does not
show it, and it works after install...
Description This article describes some basic troubleshooting RADIUS
over TLS (RADSEC) in the RADIUS over TLS in FortiGate firewall. Scope
FortiGate 7.4 and above. Solution Below is the configuration on the
FortiGate to enable Radius over TLS (RADSEC...
Description This article explains the ike debug output in FortiGate.
Scope FortiGate, IPsec. Solution Below are the commands to take the ike
debug on the firewall: di vpn ike log-filter clear di vpn ike log-filter
diag debug app ike -1diag debug en...
Description This article describes the basic troubleshooting steps for
an explicit proxy in FortiGate. Scope FortiGate. Solution The above is
the logical topology used for this article. Refer to the article below
to understand the flow for reference:...
Hi Yeowkm99,Could you cross check if there is a IP duplicacy, you may
verify the ARP entry on the user/lan machine for the firewall ip, are
you seeing the firewall MAC address?You can get the mac address of the
firewall using below command:di hardwar...
Hi Idanieri, Thank you for the query! May I request if you have taken
sslvpnd and samld logs from the firewall when trying to connect to VPN
from mac machines? You may please share the below logs when the issue is
happening? di de reset di de app sam...
Hi Ktro, I understand you want to know what data is transferred over the
SSLVPN tunnel by the users. + You may need to track the destinations by
enabling log all sessions in the policy + If in case you want to see the
files or applications used by th...
Hi Kawkaw, Thank you for the query! Could you please confirm if you are
seeing the IKE packets on the firewall when you are trying the L2TP from
your mac machines? You may run the below debugs on the firewall:di de
reset di vpn ike log-filter clear d...
Hi Martin, Thank you for the query! I understand once you connect to
remote access VPN from your new machines, you are unable to access the
webserver hosted internally. However if you take the remote of a local
server and from there you are able to a...