Fortinet Community

gfleming · 01-29-2023

You should be able to configure a tunnel from the same LAN interface connected to your GWLB. Question is probably better answered with a clearer picture of your topology and if you want to leverage the GWLB in the IPSec flow or not?

gfleming · 01-29-2023

You can do it but it will be hard to make it a trusted certificate for all of your clients. It will need SANs or wildcard CN so that each FortiGate that is presenting it will be verified accordingly. Otherwise users will get untrusted certificate war...

gfleming · 01-28-2023

As mentioned in my reply a week ago, you need a wildcard certificate or a certificate with multiple SANs. Fortigate will not select individual certificates for you based on hostname. If you want this functionality you should use a purpose-built appli...

gfleming · 01-27-2023

I googled that error message and it sounds related to a web proxy error. Do you have web proxy on your network?

gfleming · 01-27-2023

I understand how vlan 50 traffic passes between 2 switches without fortinet. But I'm surprised cause the L2 traffic from port1 of the software switch, goes through port 2 as if it were a mirror port. The software switch is a switch. It's a two-port s...

Fortinet Community

User Statistics

User Activity

Re: Site to Site tunnel from Fortigate which is behind a GWLB in AWS

Re: Using Same Certificate for IPSec VPN Authentication

Re: Web hosting like GoDaddy

Re: Problem with FortiAP 321c set up

Re: intra-switch-policy explicit or implicit?

Re: FortiGate Static Route Priority

Re: intra-switch-policy explicit or implicit?

Re: How exactly are security profiles matched?

Re: idle_timeout vs idle_timeout_gui

Re: FGSP only configuration sync

Re: Access fortigate via http and https

Re: CTLs and other security sites

Re: Wildcard FQDN not working because STUN tunnels...

Re: FG FS FAP stack and VLAN not getting DHCP

Re: How exactly are security profiles matched?