Technical Tip: Recommended basic configuration for...

Matt_B · 12-20-2025

Description This article demonstrates how to configure a dial-up IPsec VPN using IKEv2 and Multi-Factor Authentication (MFA) with Duo authentication proxy. Scope FortiOS v6.2.4 and later, dial-up IKEv2 VPN. Solution This article refers to non-SSO aut...

Matt_B · 12-17-2025

Description This article provides an overview of guides and resources for User and Multi-Factor authentication in FortiOS IKEv2 Dialup IPsec VPN. Scope FortiOS v7 and later. Solution Determine the User source and required MFA method(s) and refer to t...

Matt_B · 12-14-2025

Description This article demonstrates an example configuration allowing Active Directory users to connect to FortiGate IKEv2 VPN with FortiToken hosted on FortiAuthenticator. Scope FortiGate, FortiAuthenticator, FortiClient, FortiToken, IKEv2 Solutio...

Matt_B · 12-10-2025

Description This article describes a known issue preventing the use of computer certificates for authenticating to IPsec VPN after upgrading to FortiClient Windows v7.4.4. Scope FortiClient Windows v7.4.4. Solution FortiClient can access certificates...

Matt_B · 12-09-2025

Description This article describes an unsupported configuration that may cause VPN connections to fail after upgrade to FortiOS v7.4.9. Scope FortiOS v7.4.9, v7.6.3 and later. Solution If Azure AD auto-connect is enabled on the FortiClient but not co...

Matt_B · 12-10-2025

Thank you, this appears to match known issue 1205084 . It's scheduled for fix in FCT v7.4.5. https://docs.fortinet.com/document/forticlient/7.4.4/windows-release-notes/573433/new-known-issues."Re-importing the certificate" is the listed workaround fo...

Matt_B · 12-09-2025

If it works for SSL VPN, this suggests FortiClient itself has the required permissions to access the cert. For IPsec, ensure is enabled for the VPN connection profile. It is disabled by default.https://docs.fortinet.com/document/forticlient/7.4.4/xm...

Matt_B · 12-03-2025

Thread is old, but to avoid the use of fnsysctl (which loses permissions to read /etc/upd.dat in later firmware versions), use "diagnose test update info" to retrieve the FortiCare account FortiGate believes it is registered to.diagnose test update i...

Matt_B · 02-13-2025

Sometimes, useful info you can only find in one place is wrong! v7.2.11 was released yesterday and v7.0.17->v7.2.11->v7.4.7 is a supported upgrade path despite breaking the rule of thumb I just gave (v7.2.11 released 2025-02-12, v7.4.7 released 2025-...

Matt_B · 02-12-2025

Thank you, updated as of Q4 2024.

User Statistics

User Activity

Technical Tip: FortiOS IKEv2 Dialup tunnel with RADIUS and DUO MFA

Technical Tip: FortiOS IKEv2 Dialup VPN User and Multi-factor authentication resources

Technical Tip: Authenticating Active Directory users to FortiGate IKEv2 VPN with FortiToken MFA on FortiAuthenticator

Technical Tip: IPsec gateway authentication using computer certificate fails after upgrade to FortiClient v7.4.4

Technical Tip: IPsec VPN connection fails after upgrade to v7.4.9 if Azure AD auto-connect enabled on FortiClient and disabled on FortiGate

Re: IPsec IKEv2 VPN with LDAP username/password, computer certificate, and MFA

Re: IPsec IKEv2 VPN with LDAP username/password, computer certificate, and MFA

Re: How to check account via CLI

Re: Stuck at v7.0.17

Re: Technical Tip: FortiCloud account and FortiGate Cloud account transfer from GUI

Technical Tip: Recommended basic configuration for...

Technical Tip: FortiToken Mobile will no longer su...

Technical Tip: Using the same TCP port for IPsec S...

Technical Tip: Certificate Authentication for Fort...

Troubleshooting Tip: Advanced filters for FortiOS ...

Re: Stuck at v7.0.17

Re: Regarding an email received from forticloud: F...

KCS

User Statistics

User Activity

You are leaving our website