Technical Tip: Web filter is not blocking websites...

ezhupa · 11-13-2024

Description This article describes out-of-sync issues caused by a VPN certificate.local between a FortiGate and FortiManager in a Backup mode ADOM. Scope FortiGate, FortiManager. Solution Randomly FortiGate checksums change and this causes the FortiG...

ezhupa · 10-23-2024

Description This article describes issues with virtual servers in HTTP mode after upgrading to the newer versions of 7.4 branch such as 7.4.3-7.4.5 Scope FortiGate. Solution Consider the following configuration working in the 7.4.1 firmware version.V...

ezhupa · 09-17-2024

Description This article describes issues when FortiGate-120G/121G failed to get HA in sync after upgrading to v7.2.9. Scope FortiGate-120G/121G. Solution When upgrading the 120G/121G FortiGates in the HA cluster from the 7.0 branch to 7.2.9 some dev...

ezhupa · 08-07-2024

Description This article describes how to resolve an issue where a DSL link is not coming up when using FortiGate 80F-DSL. Scope FortiGate, FortiOS. Solution When trying to establish a VDSL connection between a 80F-DSL FortiGate with an inbuilt modem...

ezhupa · 07-17-2024

Description This article describes that DNS resolution is not blocked if it contains uppercase with policy in flow mode with a domain threat feed set to block certain domains. Scope FortiGate. Solution When configuring an external domain threat feed ...

ezhupa · 12-12-2024

You would need to uninstall FCT and reinstall the new FCT version:Ref documents:https://docs.fortinet.com/document/forticlient/7.4.1/administration-guide/664703/manually-installing-forticlient-on-computers https://docs.fortinet.com/document/forticlie...

ezhupa · 12-12-2024

Try with the same version of FCT on the Windows 10 machine (so 7.2.4)If it works then we can rule out the FCT version as the issue here.

ezhupa · 12-12-2024

Are you using certificate authentication for your SSL VPN authentication method? If so can you check in any of the local-in policies if you have virtual-patch enabled? https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Client-Certificate...

ezhupa · 12-12-2024

Hello, In order for the cert to be used in SSL Inspection, you would need the cert to have CA: TRUE flag so it can inspect the traffic and decrypt it. If that is not the case then you cannot use the particular cert in your SSL Inspection profile.

ezhupa · 12-12-2024

Both devices are the same? For e.g both are windows 10 with the same version of FCT?

User Statistics

User Activity

Technical Tip: FortiGate checksum changes and FortiManager Backup Mode device status becomes out-of-sync

Technical Tip: HTTP Virtual Servers not working after upgrade to 7.4.3+

Technical Tip: HA issues after upgrade to v7.2.9 for FortiGate 120G/121G

Troubleshooting Tip: VDSL issues on FortiGate 80F-DSL

Technical Tip: DNS requests with uppercase not blocked with an external Domain threat feed

Re: IPSEC VPN tunnel

Re: IPSEC VPN tunnel

Re: The Forticlient VPN is not working. No response after entering the sign in info. No error messag

Re: SSL Inspection

Re: IPSEC VPN tunnel

Technical Tip: Web filter is not blocking websites...

Technical Tip: SSL VPN on PPPoE issues after upgra...

Technical Tip: HA issues after upgrade to v7.2.9 f...

Technical Tip: Dial-up IPsec flapping issues after...

Re: FortiClient connection problem in China

Re: Redundant dial-up VPN FG to FG

Re: Ha sync config delay

Re: DNS Virtual Server load balancing to real serv...

Re: Direction incoming vs outgoing in logs (Fortig...

Re: Route vpn ipsec comes from port mgmt

KCS