Technical Tip: FortiGate HA upgrade procedure and ...

ChrisTan · 06-15-2025

Description This article describes how to fix the expired client keys for Azure FortiGate HA. Scope FortiGate in Azure. Solution The Azure application client key may expire. If so, the FortiGate HA will not work, and FortiGate will be unable to commu...

ChrisTan · 06-08-2025

Description This article describes a fast way to clean all the unused IP addresses or delete a large group with hundreds of members Scope FortiGate. Solution When FortiGate runs long time, some address groups with many members will appear. Deleting t...

ChrisTan · 05-28-2025

Description This article describes how to fix the issue (SYN, ECE, CWR) packets received from the BGP peer over the IPsec tunnel. Scope FortiGate. Solution The BGP may receive the following packet from the BGP peer while the remote peer is through an...

ChrisTan · 05-06-2025

Description This article describes that when adding a vCPU from FortiFlex, a reboot is needed. Scope FortiGate-VM. Solution Check document: Managing Flex Entitlements A reboot is recommended when adding more vCPUs because Fortinet disabled the 'autom...

ChrisTan · 04-21-2025

Description This article describes how to use the correct FortiGate OID to monitor the status of the backup VPN tunnel. Scope FortiGate. Solution When a backup VPN tunnel monitors the primary tunnel, the VPN tunnel is down, but the interface is still...

ChrisTan · 08-17-2022

https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/724772/ssl-vpn-multi-realm This is the realm config example. The purpose of the realm here is to allow user login from different channels. You can apply with different portals that match dif...

ChrisTan · 08-17-2022

Does a realm + portal help in your case? If with no-domain PC, try https://wanip/byod byod is your new realm that also matches LDAP user but no registry key check. The new portal can help to achieve limited access and a different IP address.

User Statistics

User Activity

Troubleshooting Tip: FortiGate HA in Azure stops working with client secret keys expired

Technical Tip: How to quickly remove all no-reference addresses or a group with a lot members

Technical Tip: How to fix the (SYN, ECE, CWR) packet when BGP over IPsec is not established.

Technical Tip:FortiFlex need reboot to add vCPU

Technical Tip: How to use SNMP monitoring the backup VPN tunnel interface status.

Re: SSL VPN portal profile based Host check

Re: SSL VPN portal profile based Host check

Technical Tip: FortiGate HA upgrade procedure and ...

Technical Tip: DNS Filter Rating Servers 'Unreacha...

Technical Tip: How to check Azure the inherited (n...

Technical Tip: How to create FortiGate VM in MacOS

KCS

User Statistics

User Activity

You are leaving our website