Hi, in case anyone needs to assign static IP addresses to users
connecting an IPsec DialUP with IKEv1 and RADIUS/NPS Windows Server,
here's my working configuration. Environment: FGT 7.4.8, Windows Server 2016
Standard with NPS/AD configured, FortiClient 7.4...

Hi, has someone been able to configure and use ZTNA for the AD services?
The scenario I'm trying to make use of is a remote user that needs to
join his computer which for whatever reason it got removed/deleted from
it. I've created 2 ZTNA servers, 1 ...

Hello everyone, I had a FortiClient EMS implementation for a client which
required configuration of regular firewall rules with ZTNA Tags, no use
of ZTNA Servers, plain old classic rules with just an extra layer of
security/compliance. The implementat...

Hi, I am struggling to make a configuration in my LAB to work, which
involves setting up a ZTNA HTTP Proxy which should redirect the traffic
based on virtual-host/hostname. I am running FortiOS 7.2.11, EMS 7.4.3
and FortiClient 7.4.3 in my environmen...

Hi, like the title suggests, like trying to configure a Hairpin-NAT
(SSLVPN > LAN) I got across the most annoying thing ever. I did
configure some so far, but only from LAN > LAN; this one I think it's a
first. This works (SSLVPN > LAN) for some r...

Hi, in the Internet service field you can select Teams ISDB (list of IPs)
and enable Outgoing Interface and select the desired one. Another
option would be to set SD-WAN rules for this Application and it will
require you to enable AppCtl profile also...

Hi AEK, an idea would be to create 2 different ZTNA servers on the FGT
(with private and public IP as external) and in EMS assign each one to a
specific ZTNA profile (having one for each situation, on- and off-)
depending if the client would be on...

Hi, policy-based IPsec is hardly used, at least in my experience if we
are ref. of how it should be set,
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Enable-Policy-Based-IPsec-VPN-configuration/ta-p/190244
. I think I've done only once a ...

Hi, usually this is how it works. You need to add/exempt each particular
URI that the website has/needs to access to load different things. You
can try to exempt/allow in the webfilter a wildcard URL (*) with the
Referrer facebook.com and/or www.face...

Hi, using FortiGate to retrieve from a DC agent or polling the AD
directly? L.E. I think it's related to event ID 4624 not being triggered
due to logon to the workstation before having network access to the DC.