I have stumbled on a missing option in FortiOS on devices below 100D.
SSH inspection options are completely missing from the SSL inspection
menu. Is this by design? Is the intent to remove that capability from
smaller SoC boxes?
When configuring an SSLVPN in tunnel mode why do we have to specify
source IP information in the VPN > SSL > SETTINGS screen under Tunnel
Mode Client Settings as well as in VPN > SSL > PORTALS in the Source IP
Pools field when checking Enable Tunnel ...
Good Morning everyone! I have a quick question about updated the sslvpn
lite client. Backwards compatibility has never been much of a problem
when tunnel mode vpn was all we were after..until recently. We had a
customer who started getting cert warni...
I have a device providing a full PTP IPSEC tunnel back to the main
office. The problem that we have run into is that access to Fortiguard
seems to be broken with the full tunnel. Ideally we would like to tunnel
everything EXCEPT Fortiguard traffic. D...
We can add two more HA pairs of 200Ds running 5.2.7 code to the growing
list of devices that exhibit the exact same behavior. I managed to force
the secondary device to be active and made sure any local logging was
only leveraging memory and not disk...
I was hoping for some clarification on one point. The implicit Deny
"ALL" at the bottom is always matched regardless of any policy or policy
order above it correct? If it makes it to the bottom of the policy list
without matching something it will ma...
jaustgen wrote:Was there ever any resolution to this? The 5.2.5 upgrade
did fix this. I had this escalated up to the executive level through my
sales team. A formal response never came. I have tested 5.2.5 and they
have fixed the default DH group by ...
