Fortinet Community

nothingel · 05-21-2019

Does any version of FortiOS support MOBIKE with IKEv2 dialup VPNs (using the built-in client on Windows 7/8/10)? I am able to successfully connect but the "status" as reported in Windows always shows a "no" for MOBIKE support. I have spotted "process...

nothingel · 02-07-2017

Does anyone know when (or IF) a new CLI reference manual will be released for 5.4? I find the current edition (June 2016) to be useless and, seemingly, a major step backwards from prior releases. http://docs.fortinet.com/d/fortigate-fortios-5.4-cli-r...

nothingel · 02-07-2017

I generally have issues with TFTP across VPN tunnels, depending upon the interface order. It seems that there's no way to define a source IP for "exec backup config tftp" in the same way "exec ping-options source" exists for plain PING. What I've dis...

nothingel · 09-17-2015

It's my understanding that wildcards are not supported in FQDN address objects and this is confirmed by the statement "Wildcards are not supported in FQDN address objects" (FortiOS Handbook v5.2.3, page 915). However, a factory reset of v5.2.4 on a 6...

nothingel · 05-06-2013

I am having trouble with throughput and the SSL VPN on both Windows and Mac clients. Latency from the client to the Fortigate is about 30ms with bandwidth in both directions of at least 10mbps. Starting with the Mac, I can achieve full expected perfo...

nothingel · 05-21-2019

I thought I'd come back to this thread and update at least one detail. From what I can tell, the issue with comcast cable is with ESP on their modems, the SMC-based ones. Although I could not find a CPU load indicator, I noticed that the web GUI was ...

nothingel · 02-07-2017

I am interested in this problem as well. I have yet to find a perfect solution either. Fortigate dial-up tunnels can be assigned IPs from RADIUS but sadly Windows IAS/NPS is not capable of handing out IP addresses from a pool. I always find Windows' ...

nothingel · 10-19-2016

Thanks for the update, your discovery is very interesting! I don't think the comcast modems are at fault (at least not totally) because I can pass protocol 50 faster when the connection is comcast cable to comcast cable than when it's comcast fiber t...

nothingel · 10-03-2016

mkintexas wrote:I am afraid I don't know exactly how to see if ESP is being wrapped in UDP packets. Is there a diag command or something that will show that? diagnose sniffer packet wan1 'host 1.1.1.1' Replace wan1 with your actual wan interface. Rep...

nothingel · 10-03-2016

mkintexas wrote:Finally are there any other changes that you made to the comcast modem? Did you do any 1-1 nat'ing? You seem to understand my setup. And no, I didn't add any 1-to-1 NAT in the cable modem. The cable modem config is very vanilla. The o...

Fortinet Community

User Statistics

User Activity

MOBIKE support and DHCPINFORM

CLI manual for 5.4

TFTP across tunnels

FQDN addresses with wildcards

SSL VPN performance and latency

Re: Slow site to site VPN Performance

Re: IKEv2 Tunnel - Tunnels for different Usergroups

Re: Slow site to site VPN Performance

Re: Slow site to site VPN Performance

Re: Slow site to site VPN Performance

RE: Bug or documentation ambiguity concerning Tru...

News & Articles

Security Research

Company

Contact Us