Technical Tip: 'All FortiGuard servers failed to r...

SAJUDIYA · 10-23-2025

Description This article describes an issue with IKEv2 dial-up IPsec VPN where users authenticated through LDAP/EAP-TTLS are not receiving a token prompt and are able to connect without a token. Scope FortiOS 7.4. Solution This issue can occur when a...

SAJUDIYA · 07-15-2025

Description This issue discusses high CPU utilization on one CPU core by softirq after upgrading to one of the following versions: v7.0.16, v7.0.17, v7.2.11, v7.4.6 or v7.4.7. NP6xLite (SOC4), NP6Lite (SOC3), and NP7Lite (SOC5) are affected by this i...

SAJUDIYA · 07-11-2025

Description This article describes an issue where the CLI console fails to load when logging in with the user account sso-forticloud-admin. However, the console functions properly when logging in with accounts other than sso-forticloud-admin. The err...

SAJUDIYA · 05-01-2025

Description This article describes SSL VPN changes that were applied from v7.6.3. Scope FortiGate v7.6. Solution From v7.6.3, SSL VPN tunnel mode has been removed, leaving only web mode (which will be referred to as Agentless VPN) on some models: Age...

SAJUDIYA · 03-19-2025

Description This article describes about issue due to the misconfiguration of the certificate on the RADIUS client machine. When the client connects to WiFi SSID with RADIUS authentication, it gives a bad password error and when checking from the RAD...

SAJUDIYA · 02-11-2025

@brar45 1. In a hub-and-spoke model using FortiGate VM in Azure with SD-WAN feature, it is possible to have ExpressRoute and internet as the underlay networks without limitations. You can configure SD-WAN rules to route traffic based on your requirem...

SAJUDIYA · 11-05-2024

@luccap07 Make sure that your web filter is in flow mode and it is able to identify category. If you see category shows unknown then please provide screenshot of error and also provide log output.

SAJUDIYA · 10-16-2024

Hello @ctyctyctctcty , I would suggest to soft restart BGP route as below and if we still have issue, you can run bgp debug as mentioned: https://community.fortinet.com/t5/FortiGate/Technical-Tip-BGP-soft-reset-to-refresh-BGP-routing-table/ta-p/19014...

SAJUDIYA · 01-03-2024

@FTAdmin You need to follow steps as below: 1. You need to add 3rd party address in phase-2 selectors of main firewall if that traffic is behind main firewall 2. You can configure SNAT/DNAT for this traffic to moved traffic from main to third party w...

SAJUDIYA · 01-03-2024

@piaakit1210 Based on details and requirements , you can configured firewall policy as you mentioned, From: AnyTo: AnySource: AllDestination: "Tor-Relay.Node" and "Malicious-Malicious.Server"Schedule: AlwaysAction: DenyLog Violation Traffic: EnabledE...

User Statistics

User Activity

Technical Tip: IKEv2 Dial-up IPsec VPN authenticating users through LDAP with EAP-TTLS do not receive token prompt on FortiClient

Technical Tip: High CPU on one core consumed by softirq after upgrading to v7.0.16, v7.0.17, v7.2.11, v7.4.6 or v7.4.7

Technical Tip: CLI console cannot open once login with sso-forticloud-admin only

Technical Tip: Changes on SSL VPN modes starting from v7.6.3

Technical Tip: 'The certificate chain was issued by an authority that is not trusted.' error on RADIUS server logs when client connect to SSID

Re: Fortigate SDWAN in Azure

Re: Web Filter issues

Re: BGP Routes Not Available issue

Re: Passing traffic from a remote office to the main office and then to a 3rd party

Re: Firewall policy denying all traffic question

Technical Tip: 'All FortiGuard servers failed to r...

Troubleshooting Tip: iPhone users unable to connec...

Technical Tip: How to delete sniffer from CLI

Technical Tip: IKEv2 Dial-up IPsec VPN authenticat...

Troubleshooting Tip: HA status 'Unknown' and 'No r...

KCS

User Statistics

User Activity

You are leaving our website