Since August 10th, there is an appendix in the daily reports I am
receiving from my free FortiGateCloud account:Dear customer,please
kindly be aware that this report type will cease to be available on
FortiGate with free FortiCloud Service subscripti...
I have created a new certificate request for local certificates (using
the GUI), using ECDSA p256 cryptographic parameters.Then I signed it at
my root CA with a template of subordinate CA (basic constraint cA:TRUE);
and I imported the signed certific...
I am very short on public IPs, and I would like to have my Fortigate to
service IPsec clients (using a variety of clients) while at the same
time using the same public IPv4 to keep running the site-2-site tunnel
with a remote branch office (with a 2n...
Hi @Muhammad_Haiqal representing Fortinet:Thanks for your input.However
buying (then configuring, then maintaining) a FAZ which is 10 times the
price of the FG is not exactly the kind of solution I am expecting. In
fact, since in my eyes FortiGate Cl...
gmand1973 wrote:I have a similar problem. I have set it up ipsec vpn .i
have not static ip from isp but I see her Ip from site
https://whatismyipaddress.com/ With this public ip from site i can use
it to connect from my work through forticlient so th...
You can certainly upload a full certificate along with its private key
(which has to be in PKCS#12 format, also known as .pfx) to the
FortiGate. So if you can extract your dormant-domain certificate to
PKCS#12 format and it matches the hostname (as s...
As I marked as a tag, I was seeing that on 6.0 (actually 6.0.11).
However it seems to me the same thing is occurring on 6.2.5 as well: the
sub-CA certificate which the device has the key for appears as "Local
certificate". Did you generate the privat...
Thanks for your answer. I understand the idea of using peerid to
multiplex an IPsec service; although I am under the impression it
restricts to IKE v1 and aggressive mode (please, please correct me where
I am wrong). However, I would like to confirm ...
