Re: FortiClient vpn issue

cravikumar · 12-28-2024

Description This article describes why no statistic traffic logs are generated on the FortiGate even though sessions are established. Scope FortiGate. Solution By design, FortiGate generates a log every 2 minutes for new/existing sessions. However, t...

cravikumar · 12-23-2024

Description This article explains how to resolve the 'To enable this policy, please set servercert in vpn.ssl.settings' error when creating an SSL VPN policy. Scope FortiGate. Solution Error: This error occurs due to the server certificate not being ...

cravikumar · 11-26-2024

Description This article describes how DHCP option 121 adds a static route in the table and how to remove it. In this scenario, no static routes were configured, yet there are still routes present in the table. Static route: Routing table: Scope Fort...

cravikumar · 11-25-2024

Description This article describes why FortiGate displays different block pages while trying to visit the same site. Scope FortiGate. Solution Block Page 1: Block Page 2: The first screenshot is a web filter block page and the second screenshot DNS f...

cravikumar · 10-08-2024

Description This article explains how to resolve common invalid certificate errors encountered during SSL VPN user authentication using SAML. Error: 'NET:ERR_CERT_COMMON_NAME_INVALID'. Scope FortiGate. Solution When using the SAML authentication for ...

cravikumar · 09-10-2024

Topology 1:Azure-VM --- S2S --- On-Prem Topology 2:Phy-FGT --- S2S --- On-Prem Topology 3:Azure-VM --- S2S --- On-Prem --- S2S --- Phy-FGT Is this your topology? If yes, you can just update the routing table and point the destination to the correct o...

cravikumar · 09-09-2024

What's the FOS version? Run below debugs and attach the output. dia debug resetdia debug application sslvpn -1dia debug application samld -1dia debug enable https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Companion-for-troubleshooting...

cravikumar · 07-30-2024

If you delete the services, you can't reference it under policy and objects but the services will still be active. Use local-in policy to block services. https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-block-open-ports/ta-p/189671

cravikumar · 07-27-2024

Hello, What's the FortiClient version? At what percent the connection stop? Enable FCT debug and check the reason for failure. Refer to the link below on how to enable debug log in FortiClient. https://community.fortinet.com/t5/FortiClient/Technical-...

cravikumar · 07-24-2024

What's your topology? Run a sniffer and check the source mac of the incoming traffic and make sure it's the same as blocked mac. Sniffer: dia sniffer pack any "host x.x.x.x" 6 0 a https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Using-...

User Statistics

User Activity

Technical Tip: FortiGate fails to generate statistic traffic logs

Troubleshooting Tip: Unable to create SSL VPN policy due to input value is invalid

Troubleshooting Tip: DHCP option 121 static route in the routing-table

Troubleshooting Tip: Difference between the Web Filter and DNS block page

Troubleshooting Tip: SAML SSL VPN common name invalid certificate error

Re: Forward traffic through Site to site VPN