Technical Tip: FortiGate IPSec Dial-up IKEv2 SAML-...

akanibek · 01-19-2026

Description This article describes how to manage FortiGate’s internal service (over HTTPS) using a ZTNA Access Proxy. Scope FortiOS starting v7.0.6 GA. Solution Starting v7.0.6, there is a behavior change applied to FortiOS. See this article: Technic...

akanibek · 12-17-2025

Description This article describes default behavior while there are two different ports are used in Explicit Proxy for HTTP and HTTPS. Scope All supported versions of FortiOS. Solution There is an option to specify different listening proxy ports on ...

akanibek · 11-24-2025

Description This article explains how to troubleshoot CSR generation if the certificate is generated without a Subject Alternative Name (SAN) using the FortiGate GUI. Scope FortiOS 7.2.X, 7.4.X, 7.6.X. Solution The Subject Alternative Name (SAN) attr...

akanibek · 10-29-2025

Description This article describes FortiGate’s default behavior when it is operating in a different secure-explicit-proxy mode. Scope FortiOS v7.4.0 and above, FortiOS v7.6.0 and above. Solution A secure-web-proxy option is available starting 7.4.0: ...

akanibek · 09-25-2025

Description This article explains the default certificate matching behavior for SSL-VPN and IPsec VPN tunnels on FortiGate. Scope FortiGate v7.0, v7.2, v7.4, v7.6. Solution According to the internal engineering documentation, FortiGate’s certificate ...

akanibek · 05-05-2024

I would suggest considering placing your FGT before Mikrotik, and adjust your firewall policies on FGT. Then, send all traffic to Mikrotik which could act as default route to your FGT. If you have several segments, and all routes are in the Mikrotik,...

akanibek · 05-05-2024

Dear team, before purchasing, or getting a device from second hand, please ensure that the legacy owner has active email in the support portal, and can transfer his device to you. Meanwhile, be informed from Local Sales Representatives, if you purcha...

akanibek · 05-05-2024

try to sign in to the portal below, where you can find docs related REST API: https://fndn.fortinet.net/

akanibek · 04-26-2024

Have a look also to this documentation, step #2. It should be possible to perform without EMS server as @ozkanaltas said: https://docs.fortinet.com/document/forticlient/7.2.4/administration-guide/445907/configuring-autoconnect-with-username-and-passw...

akanibek · 04-26-2024

Could you make a packet capture with some debugs on FGT enabled, and compare outputs. Which device does terminate connection? Maybe you could see some errors from debugs: 1. packet capture between FGT and DC. 2. debugs: diag de reset diag de app fnba...

User Statistics

User Activity

Technical Tip: Manage FortiGate’s internal services via ZTNA access proxy

Technical Tip: FortiOS default behavior for HTTP/HTTPS explicit proxy ports

Technical Tip: FortiGate - Troubleshoot CSR generation without a Subject Alternative Name (SAN) in the GUI

Technical Tip: FortiGate secure-explicit-proxy modes behavior

Technical Tip: FortiGate - SSL VPN and IPsec Dial-up PKI-user certificate matching logic

Re: setup FortiGate Firewall with Mikrotik Router.

Re: If I buy and second hand fortigate,how to buy a license

Re: need fortiweb api reference for versions 7.0 and 7.2

Re: FortiClient VPN - program does not remember the login and password.

Re: LDAPS issue, 'Can't contact LDAP server'

Technical Tip: FortiGate IPSec Dial-up IKEv2 SAML-...

Technical Tip: FortiGate HA Out-of-sync issue on v...

Re: LDAPS issue, 'Can't contact LDAP server'

Re: Translate Replacement message

Technical Tip: Capture traffic into separate files

Re: Is there an api where I can collect data from ...

Re: FG 60E Firmware Update Issue

Re: Setup Forticlient as dialup Client

Re: FortiAuthenticator as a Radius Server

Re: Unauthenticated user

KCS

User Statistics

User Activity

You are leaving our website