Re: How to view IPSec Tunnel PSK

funkylicious · 11-13-2025

Hi,In case anyone needs to assign static IP addresses to users connecting a IPsec DialUP with IKEv1 and RADIUS/NPS Windows Server, here's my working configuration. EnvironmentFGT 7.4.8Windows Server 2016 Standard with NPS/AD configuredFortiClient 7.4...

funkylicious · 09-30-2025

Hi,Has someone been able to configure and use ZTNA for the AD services ? The scenario i'm trying to make use of is a remote user that needs to join his computer which for whatever reason it got removed/deleted from it. I've created 2 ZTNA servers, 1 ...

funkylicious · 09-19-2025

Hello everyone,I had a FortiClient EMS implementation for a client which required configuration of regular firewall rules with ZTNA Tags , no use of ZTNA Servers, plain old classic rules with just an extra layer of security/compliance.The implementat...

funkylicious · 08-13-2025

Hi,I am struggling to make a configuration in my LAB to work, which involves setting up a ZTNA HTTP Proxy which should redirect the traffic based on virtual-host/hostname. I am running FortiOS 7.2.11 , EMS 7.4.3 and FortiClient 7.4.3 in my environmen...

funkylicious · 03-10-2025

Hi, Like the title suggests, like trying to configure a Hairpin-NAT ( SSLVPN > LAN ) I got across the most annoying thing ever. I did configure some so far, but only from LAN > LAN this one I think it's a first. This works ( SSLVPN > LAN ) for some r...

funkylicious · 11-14-2025

hi,they work the same as in Cisco.on the FortiGate you create a interface where you select the parent/physical interface and the vlan id to tag it ( subinterface ).on the FortiSwitch you create the vlan and tag it on the port ( trunk interface ) - ht...

funkylicious · 11-12-2025

hi,have a read at these,https://community.fortinet.com/t5/FortiGate/Technical-Tip-VOIP-calls-using-SIP/ta-p/193831https://community.fortinet.com/t5/FortiGate/Technical-Tip-Disabling-VoIP-Inspection/ta-p/194131?externalID=FD36405 as for recommendation...

funkylicious · 11-12-2025

here's a good article on how to test, by @Yurisk https://yurisk.info/2020/07/26/fortigate-how-to-verify-and-test-if-ips-is-working/

funkylicious · 11-12-2025

hi,in this (below) previous thread, i posted some working IPsec VPN with machine/client based cert configuration.see if any of them work for you. https://community.fortinet.com/t5/Support-Forum/IPsec-IKEv2-Dialup-using-LDAP-Machine-Cert-authenticatio...

funkylicious · 11-12-2025

hi,only subnets specified in the split tunneling object in IPsec Phase1 will be installed on the computer connecting to the VPN, not the ones in the firewall rules.as for FQDN, this will not be possible as per https://community.fortinet.com/t5/FortiG...

User Statistics

User Activity

IPsec DialUP Framed-IP-Address with IKEv1 and Windows NPS

ZTNA - Active Directory services

Firewall sessions with ZTNA Tag changes

ZTNA HTTP Proxy - virtual host

VIP Hairpin NAT - issue

Re: Confusion about VLANs

Re: Virtual IPs vs SNAT &DNAT

Re: IPS not working

Re: VPN IPSEC IKE (1 or 2) certificate-based authentication does not work with Forticlient VPN

Re: Subnet propagation in IPSec DialUp with split tunneling

Re: How to view IPSec Tunnel PSK

Re: I Need install Forticlient VPN 7.0.8.0427

Re: NSE6_FAZ-7.2 Dumps Practice Questions

Re: FortiNAC network type

Re: IKEv2 IPsec VPN remote connection fails — EAP ...

Re: IPS not working

Re: Redistributing OSFP routes into BGP

Re: Hub Not Populating in SDWAN Overlay Template

Re: Fortigate Gateway NAT Problem

Re: Importing IPSec tunnel configuration to FortiC...

Super User

User Statistics

User Activity

You are leaving our website