Hi all, I have a Fortimanager managed set of Fortigates. For reasons
unknown I don't see any logs of those successfully logging into the SSL
VPN. I've searched high and low but can't find anything in Fortimanager
to deploy to change this behaviour? A...
Hi all, I have an HA pair of FAZ400E Fortianalyzers. I want to disable
SSH on the active port whilst retaining it on another (management) port
that is not physically connected. However, SSH is still accessible the
HA address despite it being unticked...
Hi All! We have a significant number of InTune joined devices that
authenticate against Azure Active Directory (AAD). We need to work out a
way of authenticating to these clients to the Fortigate. We have
connected the FG to AAD for the VPN with grou...
Hi everyone. What I want to do is access some resources across the IPSEC
vpn terminated on the fortigate via the SSL Portal on that same
fortigate. I can't ping the resources from that fortigate and I think
it's to do with the originating address and...
Hi there, Got an oddity. 7.0.0 works fine, but when I install 7.0.1 or
7.0.2 (VPN client) it connects and seems to be working. There is even
traffic passing the rules on the FG. But the remote client fails. Roll
back to 7.0.0 and it's fine. Any ideas...
Hi Debbie, We're using FAZ so those logs should have gone through to
there?It's just an easy thing, I thought, just to record who logs in
successfully lol! CheersJon
What I'm seeking to do is the same as the seamless nature of a login to
a AD joined device that is authenticated to FSSO. The idea being that
the user logs into their AAD account on the intuned device, then FG
authenticates them based on that. At pre...
If you have an outline of your setup then perhaps that would extend the
conversation?What we're talking about is InTune only setup, no hybrid
joins to local AD etc.Without substantial additional infrastructure it
appears that your only option is a we...
Hi Debbie, So is there an ability to set a self-originating traffic
address for the SSL VPN Portal?Like I mentioned, I used to use an IP
Pool on the traffic rule and it seemed to work - but now it
stopped!CheersJon
