Hello,trying to convert a FTD policy to Fortigate using FC 7.2.0.Some
ACLs contain multiple source interfaces.The converted policy imho seems
to miss source interfaces.This happens with FTD ACLs having multiple
source interfaces as well.example: acce...
Hi, I find the OBM feature on FortiExtender very very
useful.https://docs.fortinet.com/document/fortiextender/7.4.4/admin-guide-standalone/957071/obm-management
Is similar functionality in FortiOS on Fortigate available as well ? How
to use it ?If no...
Hello FortiGuys, here is a recommendation from Microsoft, how to do this
technically: Blocking adult content with SafeSearch or blocking Chat
Chat: --- If you want to guarantee Chat is turned off for all users on
your network, in your router or proxy...
Hi,we want to identify windows endpoints as corp. managed workstations
with a somehow fair confidence,but without rolling out certificates or
Agents, nor involving WinRM or other dependencies to AD.Of course we
discussed and we are aware that those D...
Hello Martin,you seem to have all 3 IP Layer 3 networks in the same
layer 2 domain.With that setup, you cannot control direct communication
between 2 devices on the layer 2.The solution is to configure Virtual
LANs on the switch and the firewall. (VL...
Hello,thanks for the answer and the link.We had already reviewed the FC
docs and pulled the LINA Config from the FTD system for
conversion.Meanwhile I have been in contact with Fortinet Engineers and
it turned out as an FC issue.The issue manifests i...
Sorry... this is not correct.This "Tag" im the RADIUS Standard Tunnel
attributeshas nothing to do with the Vendor Specific Attributes for
Cisco "Scalable Group Tags" (former: Security Group Tags)Basically, a
RADIUS server may respond with multiple "t...
Hi,well..801.X or MAC authentication both happen before the client is
assigned an address through DHCP.DHCP can not start before the port ist
authenticated by MAB or Dot1X.This is why even Cisco-Switches cannot
send AVP Framed-IP-Address with the RAD...
Thanks for your reply. Unfortunately, "Out-of-band management with
reserved management interfaces" on the Fortigates only has some
similarity in the name,but this is is something completely different
than the FEX OBM feature.on FEX, OBM means:You can...