it appears that a commonly documented and recommended deployment model
from fortinet is actually out of spec. This is a ikev1 + psk + xauth +
otp style setup. The Phase1 Pre-Shared Key, in combination with Xauth is
a known (if legacy) deployment meth...
Due to Fortigate implementing an out of spec ikev1 + xauth + OTP which
is undocumented and out of spec (I'll create another thread for this).
And due to the Linux client lacking IPSec support (as far as I can
tell). It is impossible for the Forticlie...
Hi there; We have deployed several Fortigate IPSec Hardware boxes
accross 5 regions and more than 10 DC's. The configuration procedure
being supplied as a backup/restore into the official fortigate client
appears to be un-usable across all three majo...
That's a completely different style gateway config than the one
described. Relevance? Fortinet engineers set this up. It's not a legacy
deployment, and I found plenty of fortinet 'cookbooks' which also
recommend this style setup. As it stands this is...
As mentioned in the original post I edited out all the windows specific
os and references to cert store... No nice. Same behaviour. I think the
export/import is broken generally across platforms.
This behavior in Linux is completely arbitrary - it found a bunch of
things which were intended to be there. I.e Pen test tools. docker
containers /chroots with old versions of JRE's needed for ILO/BMC etc;
it really didn't like the fact I had a cust...
