Technical Tip: FortiGate HA upgrade procedure and ...

ChrisTan · 09-22-2025

Description This article describes the Adaptive MFA rule, which allows bypassing the OTP by subnet range or Known devices. Scope FortiAuthenticator v6.6.3+. Solution Starting from v6.6.3, the FortiAuthenticator has the Adaptive MFA rule, to combines ...

ChrisTan · 09-21-2025

Description This article describes that Outlook can not receive email automatically and needs to add Outlook ISDB to the SIA policy. Scope FortiSASE. Solution Sometimes, the Outlook behind FortiSASE cannot receive emails even if 'Microsoft-Outlook' i...

ChrisTan · 08-24-2025

Description This article provides an option to use a loopback IP for the DHCP-relay source IP. Scope FortiGate. Solution FortiGate allows an external DHCP server to assign IP addresses to the IPsec VPN clients. This is typically found in enterprises ...

ChrisTan · 08-19-2025

Description This article describes how to use and configure the ping server in an HA virtual cluster environment Scope FortiGate. Solution The HA ping server needs to enable a link monitor or SD-WAN health check. config system link-monitor edit "L_M_...

ChrisTan · 07-24-2025

Description This article describes the feature of ADVPN that injects the tunnel IP to the spoke site for BGP peering. Scope FortiSASE. Solution The below is a standard ADVPN config: config vpn ipsec phase1-interface edit VPN1 set type dynamic set int...

ChrisTan · 08-17-2022

https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/724772/ssl-vpn-multi-realm This is the realm config example. The purpose of the realm here is to allow user login from different channels. You can apply with different portals that match dif...

ChrisTan · 08-17-2022

Does a realm + portal help in your case? If with no-domain PC, try https://wanip/byod byod is your new realm that also matches LDAP user but no registry key check. The new portal can help to achieve limited access and a different IP address.

User Statistics

User Activity

Technical Tip: Adaptive MFA rule allow users can bypass the OTP verification

Troubleshooting Tip: Outlook auto receive email over FortiSASE SIA

Technical Tip: IPsec VPN client with DHCP-relay for external DHCP service use loopback IP address

Technical Tip: How to set HA ping server in virtual cluster

Technical Tip: ADVPN will inject the tunnel IP address to the spoke, but dial-up VPN will not

Re: SSL VPN portal profile based Host check

Re: SSL VPN portal profile based Host check

Technical Tip: FortiGate HA upgrade procedure and ...

Technical Tip: DNS Filter Rating Servers 'Unreacha...

Technical Tip: How to check Azure the inherited (n...

Technical Tip: How to create FortiGate VM in MacOS

Troubleshooting Tip: DHCP relay issue

KCS

User Statistics

User Activity

You are leaving our website