Re: FortiClient vpn issue

cravikumar · 10-08-2024

Description This article explains how to resolve common invalid certificate errors encountered during SSL VPN user authentication using SAML. Error: 'NET:ERR_CERT_COMMON_NAME_INVALID'. Scope FortiGate. Solution When using the SAML authentication for ...

cravikumar · 08-24-2024

Description This article describes how to force traffic through only one SD-WAN member and drop if that interface is down/unavailable. In this example, there are two WAN interfaces (port1 and port2), and Netflix traffic is sent only through port2 and...

cravikumar · 08-08-2024

Description This article describes that FortiGate does not respond to ARP messages sent by the end devices and cannot access GUI. Scope FortiGate. Solution When trying to access FortiGate GUI, the connection times out. On FortiGate, there are only in...

cravikumar · 08-02-2024

Description This article discusses the 'discard Logon' message that can be found when checking Fortinet Single Sign-On (FSSO) logs on the DC Agent. Note: This article assumes that logging is already enabled on the DC Agent(s). Refer to the following ...

cravikumar · 07-29-2024

Description This article describes how to assign an IP using DHCP option 82 on FortiGate with a Cisco Switch. Topology: Scope FortiGate. Solution Step 1: Enable DHCP Option 82 on the Switch: Enable DHCP Snooping Globally: Switch# configure terminal S...

cravikumar · 09-10-2024

Topology 1:Azure-VM --- S2S --- On-Prem Topology 2:Phy-FGT --- S2S --- On-Prem Topology 3:Azure-VM --- S2S --- On-Prem --- S2S --- Phy-FGT Is this your topology? If yes, you can just update the routing table and point the destination to the correct o...

cravikumar · 09-09-2024

What's the FOS version? Run below debugs and attach the output. dia debug resetdia debug application sslvpn -1dia debug application samld -1dia debug enable https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Companion-for-troubleshooting...

cravikumar · 07-30-2024

If you delete the services, you can't reference it under policy and objects but the services will still be active. Use local-in policy to block services. https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-block-open-ports/ta-p/189671

cravikumar · 07-27-2024

Hello, What's the FortiClient version? At what percent the connection stop? Enable FCT debug and check the reason for failure. Refer to the link below on how to enable debug log in FortiClient. https://community.fortinet.com/t5/FortiClient/Technical-...

cravikumar · 07-24-2024

What's your topology? Run a sniffer and check the source mac of the incoming traffic and make sure it's the same as blocked mac. Sniffer: dia sniffer pack any "host x.x.x.x" 6 0 a https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Using-...

User Statistics

User Activity

Troubleshooting Tip: SAML SSL VPN common name invalid certificate error

Technical Tip: Limit the traffic to only one SD-WAN interface

Troubleshooting Tip: FortiGate is not responding to ARP

Troubleshooting Tip: FSSO 'discard logon' messages observed in DC Agent logs

Technical Tip: DHCP Option 82 on FortiGate

Re: Forward traffic through Site to site VPN