Hi Team, I have the following issue:I created a Policy based Ipsec
tunnel, with a specific source IP subnet, and destination subnet is set
to "all". The specific source subnet is routed into the Ipsec tunnel,
it's ok. But the fortigate do some strang...
Hi, We have a central Fortigate, and we are testing some remote APs. If
we are testing it behind a 3rd party 4g modem, CAPWAP tunnel sometimes
works but mostly not. It's really unpredictable. We made a capture on
the fortigate, I attached a screensho...
Hi All, I have the following situation: I configured a guest SSID with
Disclaimer Only authentication. I would like to configure the session
timeout to 3 hour, and the renewal frequency to 1 hour (after the
session time out, the user can not authenti...
Hi, Yes, but at my situation source is specific, destination is all. How
to handle routing in that situation? I guessed policy route is the
solution for that, because I can't make a default route to the tunnel. I
tested with fortigate's interface as ...
Hello, The reason why I made a policy based Ipsec is that I would like
to put only one specific source subnet into to ipsec, but from that
subnet to all destination.So my firewall policy looks like so:source:
specific subnetdestination: allsource int...
Thank you for your answer.No we didn't find any patterns. Yes If its not
behind the 4g device, it works. I guessed MTU too, and I made some
tests. I started to ping the Fortigate with 1500 byte packets with
df-bit, and it passed.
Hello, Thank you, but unfortunatelly i didn't find the solution in these
articles :(I use the internal Disclaimer page on the FortiGate with no
authentication. My goal is to drop the client after 2 hours, and after
that the user have to Agree with th...
Hi All, Did You find the right configuration for this issue? Which
interface should be the outgoing interface when there is an ipsec over
the WAN interface? Thank you! Best Regards, Istvan