After updating some firewalls to FortiOS 7.4.4 I am no longer able to
log onto them using LDAP authentication. Local accounts are not
affected. I have tested my credentials on the LDAP server screen and
confirmed that I can authenticate, so this look...
I’m curious to know at which end of a VPN tunnel most people apply
restrictions. My thoughts are that you should apply restrictions near
the device you’re trying to protect. So I would allow all traffic from a
branch office to a hub and restrict acce...
Since upgrading to FortiClient 6.2, I have been unable to use my SSL
VPN. It gets stuck at 98% and then gives up. I have now upgraded to
FortiClient 6.4.0 and continue to have the same problem There's a
history of this issue with FortiClient SSL VPN ...
According to @sferoz, certificate's chains should now be checked. So if
you haven't installed the root CA certificate on your device, we have a
new bug/change in behaviour in 7.4.5.
None of the suggestions provided so far have worked for me, which
included installing a CA cert and disabling security. I feel like this
is a bug introduced in 7.4.4. At the very least, I would expect that any
issues with LDAP auth would be identifie...
The bug still exists in 7.4.3 and it is my understanding that it will be
fixed in 7.4.4 which should be released in the next couple weeks. This
issue has Bug ID 1003830 and a workaround is provided in the release
notes. Known issues | FortiGate / For...
I don't think the issue is with the pre-shared key. If you save and
re-open the connection the key is obscured (replaced with 20 dots) so
that an unauthorized user cannot infer the key length, but the key you
entered is still used unless you change i...
I don't believe you can achieve complete redundancy without some
switches in place. Ideally, you should have a switch stack with
connections distributed evenly across them so the system could copy with
firewall, switch and NIC failures. At the very l...
