Description This article describes a dial-up IPsec tunnel configuration
using IKEv2 in which the user authenticates using user credentials and
2FA using FortiToken Mobile. Scope FortiOS. Solution Create a local user
on the FortiGate and assign an ava...
Description This article describes a possible cause when there is no
traffic is seen on the FortiGate even after the proper route is pushed
on the client when connected to dialup VPN. Scope FortiGate,
FortiClient. Solution When connecting to an IPSEC...
Description This article describes how to manually assign a Policy ID to
the firewall policy from the FortiGate GUI. Scope FortiGate. Solution In
order to manually assign a Policy ID from the GUI, 'Policy Advanced
Options' must be enabled. From the G...
Description This article describes the issue when an SSID is not
broadcasted by the FortiAP even if the broadcast SSID is enabled on the
SSID. Scope FortiOS 7.0, 7.2, FortiAP. Solution When an SSID is created
on the FortiGate the broadcast SSID optio...
Description This article describes how to enable the force-admin
password change feature for FortiGate admin accounts. Scope FortiGate.
Solution To enable this feature it is mandatory to first enable the
password-policy status on the FortiGate: confi...
I'm not recommending to use redundant link setup on FortiGate because
when you place this interface in monitor interface on HA on fortigate it
will not go down until both link fails
Hence both the switches are working independently a LACP or port channel
will not form , from your topology your 2 LACP ports from the FGT are
also connecting to 2 different switch here, your solution would be
either use one switch , or stack the swi...
To troubleshoot this : 1) Please install a wireshark on the client
machine and check if the VPN traffic is even generated or leaving
through the computer 2) If the traffic is not seen on capture then it
simply means that its an issue on endpoint, 3) ...
when you have a manual rule then the first selected WAN interface will
be used and then the second, Also note that SD WAN rules are policy
routes, To verify the proute traffic please refer this article:
https://community.fortinet.com/t5/FortiGate/Tec...
Once you enable the exclusive routing the on-link won't be able to get
any traffic so I can't think of any way how your VM's can even
communicate , I don't think its even possible may be it could be by
creating a static route entry on your computer a...
