Technical Tip: Usage of ‘auto-discovery-crossover’...

GeorgeZhong · 09-25-2025

Description This article explains how FortiAuthenticator forwards the SAML username to Azure Entra ID when operating as an IdP proxy. It also highlights a common issue that may be encountered, and what to consider when configuring the remote SAML ser...

GeorgeZhong · 08-07-2025

Description This article describes the 'HA out of sync' issue that occurs after importing an ACME certificate from Let's Encrypt and how to resolve it. Scope FortiGate HA, ACME certificate. Solution The Automated Certificate Management Environment (A...

GeorgeZhong · 07-21-2025

Description This article describes a scenario where the RADIUS and other authentication suddenly stop working in the secondary unit in the FortiGate HA cluster. This issue may randomly happen in v7.4. Scope FortiGate v7.4+. Solution In the HA A-P clu...

GeorgeZhong · 06-16-2025

Description This article describes a FortiGate Switch-Controller GUI behaviour that two FortiSwitches in MC-LAG mode are showing one online and one offline in all tenant VDOMs when having FortiSwitch ports in a multi-tenant VDOM setup. Scope FortiGat...

GeorgeZhong · 04-23-2025

Description This article explains why accessing the Google Play Store via SSLVPN on Android devices is restricted and outlines the underlying licensing and VPN behaviour. Scope FortiGate, SSLVPN, FortiClient for Android. Solution In certain countries...

GeorgeZhong · 09-25-2025

Hi @ERK and @HMIndustrialEPC, Thank you very much for sharing. Please find the Fortinet document for this behaviour change. https://docs.fortinet.com/document/fortigate/7.2.12/fortios-release-notes/684249/saml-certificate-verification https://communi...

GeorgeZhong · 09-24-2025

Hi saqib366, After FortiGate 7.4.0, there is a new feature that we can have the BGP peering between spokes. This requires the Hub to have the Router reflector option disabled. Detail can be found in below document: https://docs.fortinet.com/document/...

GeorgeZhong · 09-24-2025

hi, Could you please kindly clarify the meaning of the 'Site B is isolated'? Did you mean no Internet connectivity? If the site B needs to join the ADVPN setup, it needs to have the underlay connectivity (Internet) to the Hub's public IP to form the ...

GeorgeZhong · 09-24-2025

Hi, There could be multiple factors that cause the SSLVPN connection failed at 40% as mentioned in below document: https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Possible-reasons-for-FortiClient-SSL-VPN/ta-p/211965 It is suggested to...

GeorgeZhong · 09-11-2025

Hi saqib366, If we are concerning the Hub could go down, we can have secondary Hub configured as backup. This is just like the Router Reflector in the IBGP full mesh setup. We don't need to establish the IBGP peering between each routers one by one b...

User Statistics

User Activity

Technical Tip: How FortiAuthenticator Forwards the SAML Username to Azure Entra ID When Acting as an IdP Proxy

Troubleshooting Tip: How to fix an HA out of sync issue after importing an ACME certificate from Let's Encrypt

Technical Tip: RADIUS and any other remote Authentications do not work in secondary unit in HA cluster

Technical Tip: Description of the behaviour MC-LAG FortiSwitches showing offline in the FortiGate GUI when using 'export-to'

Technical Tip: Google Play Access Restriction When Using SSLVPN on Android Devices

Re: SSL VPN Doesn't work after firmware update 7.2.12

Re: iBGP on shortcut tunnel - ADVPN

Re: SDWAN-ADVPN-BGP isolate Network

Re: SSL VPN Doesn't work after firmware update 7.2.12

Re: iBGP on shortcut tunnel - ADVPN

Technical Tip: Usage of ‘auto-discovery-crossover’...

Re: Time-based administrator login access

Technical Tip: How ICMP-redirect works in FortiGat...

Re: iBGP on shortcut tunnel - ADVPN

Re: SSL VPN Doesn't work after firmware update 7.2...

Re: Time-based administrator login access

KCS

User Statistics

User Activity

You are leaving our website