Troubleshooting Tip: Possible reasons for FortiCli...

sjoshi · 09-30-2025

Description This article describes how to configure threat feeds in FortiSASE to enhance security. Scope FortiSASE. Solution Threat feeds automatically import external block lists from an HTTP server in plain text format. These block lists can enforc...

sjoshi · 09-29-2025

Description This article describes how to troubleshoot internet connectivity issues on endpoints when the internet remains inaccessible even after disconnecting from FortiSASE VPN. Scope FortiSASE. Solution When the FortiSASE VPN is connected the int...

sjoshi · 09-29-2025

Description This article describes how to troubleshoot FQDN traffic hitting incorrect policies. Scope FortiGate. Solution Traffic intended for specific allowed URLs/FQDNs is not hitting the top-priority policy and is instead being matched with anothe...

sjoshi · 09-29-2025

Description This article describes the behavior of FortiGate HA uptime reset and how it can trigger unexpected failover events. Scope FortiGate. Solution FortiGate is set up in HA A-A mode. Environment details: FGT3KD3Z16800033: Master (less priority...

sjoshi · 09-29-2025

Description This article describes an issue where one of the SPA tunnels in FortiSASE goes down for a specific Point of Presence (POP), while other POPs continue to operate normally. It also provides possible causes, troubleshooting steps, and workar...

sjoshi · 09-30-2025

Hi @gorapr , Are you setting up site to site vpn or the dial up vpn. If you do not want to divert all the internet traffic towards the HUB then you can define specific static route for certain destination on the spoke to sent those traffic towards th...

sjoshi · 09-30-2025

Hi @sk4 , can you share the routing table output get router info routing-table details x.x.x.x >> where x.x.x.x is the neighbor IP and let me know which interface it should take

sjoshi · 09-25-2025

your issue is because of RPF failure can you share your routing table: get router info routing-table all

sjoshi · 09-24-2025

Hi @LIN3S , Have you tried with wildcard "factorialhr" with action as exempt?

sjoshi · 09-24-2025

Hi @n1olan , I understand from your notes that you are using dialup vpn. Currently it is working with ikev1 So when you setup ikev2 the public IP and the user group will be same or different than using ikev1?

User Statistics

User Activity

Technical Tip: How to setup threat feed in FortiSASE

Troubleshooting Tip: Internet Connectivity Issue in Endpoint even after disconnecting FortiSASE VPN

Troubleshooting Tip: Incorrect Policy Hit for FQDN Traffic

Troubleshooting Tip: FortiGate HA: Unexpected Uptime Reset Leading to Unwanted Failover

Troubleshooting Tip: SPA Tunnel Down on a Specific POP in FortiSASE

Re: Advice for IPSec

Re: How select next hop for bgp control plane message incase ECMP Route via ike/32 Injection

Re: Fortigate - Traffic on backup WAN interfcae dropped

Re: Add URL excepctions in FortiSASE

Re: Migrating from IKEv1 to v2 - Can both run simultaneously?

Troubleshooting Tip: Possible reasons for FortiCli...

Technical Tip: Allow the communication between end...

Troubleshooting Tip: Resolving 'Invalid Number' Er...

Troubleshooting Tip: Unable to Subscribe to FortiS...

Troubleshooting Tip: Captive Portal error 'The str...

Re: Forti EMS vs FSSO

Re: firewall access log

Re: Failed to establish the VPN connection. (-5029...

Re: Active Directory Connector cannot connect but...

Re: IPsec won't split tunnel

KCS

FortiGate-VM on Azure

FortiGate-VM on AWS

Fortinet Training Institute

Engage Services

User Statistics

User Activity

You are leaving our website