Description This article describes why SSL VPN stops working after
upgrading from v7.0.x to v7.2.x in the FortiGate-1500D model. The SSL
VPN debugs show 'no shared cipher' and the browser displays
'SSL_ERROR_NO_CYPHER_OVERLAP': Scope FortiGate-1500D ...
Description This article indicates FortiGate's configuration file
format. Scope FortiGate. Solution The configuration file contains only
non-default settings and select important default settings to minimize
the backup size. Unencrypted configuration...
Description This article describes how to resolve the issue when
FortiGate shows FortiAnalyzer as 'Unauthorized,' and the Authorization
page states 'No devices are available for approval.'. Scope FortiGate,
FortiAnalyzer. Solution Verify the routing ...
Description This article describes why no statistic traffic logs are
generated on the FortiGate even though sessions are established. Scope
FortiGate. Solution By design, FortiGate generates a log every 2 minutes
for new/existing sessions. However, t...
Description This article explains how to resolve the 'To enable this
policy, please set servercert in vpn.ssl.settings' error when creating
an SSL VPN policy. Scope FortiGate. Solution Error: This error occurs
due to the server certificate not being ...
Topology 1:Azure-VM --- S2S --- On-Prem Topology 2:Phy-FGT --- S2S ---
On-Prem Topology 3:Azure-VM --- S2S --- On-Prem --- S2S --- Phy-FGT Is
this your topology? If yes, you can just update the routing table and
point the destination to the correct o...
What's the FOS version? Run below debugs and attach the output. dia
debug resetdia debug application sslvpn -1dia debug application samld
-1dia debug enable
https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Companion-for-troubleshooting...
If you delete the services, you can't reference it under policy and
objects but the services will still be active. Use local-in policy to
block services.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-block-open-ports/ta-p/189671
Hello, What's the FortiClient version? At what percent the connection
stop? Enable FCT debug and check the reason for failure. Refer to the
link below on how to enable debug log in FortiClient.
https://community.fortinet.com/t5/FortiClient/Technical-...
What's your topology? Run a sniffer and check the source mac of the
incoming traffic and make sure it's the same as blocked mac. Sniffer:
dia sniffer pack any "host x.x.x.x" 6 0 a
https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Using-...
