Is this even possible? We currently have all of our WAN interfaces
serving our Dial-Up clients but we now need to create a PTP IPSEC tunnel
between our Gates and a third party.Can this be done or will the P2P
tunnels need to go on a different interfa...
I've had 2FA working again Authenticator for some time but recently was
tasked with turning on the push notifications but my FortiClient does
not have a "Push" button and I really never knew it was supposed to. I
thought when you made the authenticat...
Hoping for some real world use cases for the following setup where we
are protecting a hardened front end web server that sort of proxies
connections into our Horizon VDI environment.. We currently have a VIP
on TCP.443 that publishes the previously ...
Please try to stay with me on this longer post... I've tried to shorten
it up but there is a lot to relay on this one and I appreciate your
taking the time and reading through it.. First off, Let me elaborate on
that Subject a little. My user is curr...
Internal Interface of Fortigate: 10.10.10.10Dial-Up Clients network:
10.20.20.20 - 100 Gateway: 10.20.20.5DHCP Server: 10.10.1.7 I've got
three different IPSEC VPN's published off of a single 500 series gate
but because our AD DNS isn't registering t...
what does trace routes from vpn1 to vpn2 show?When running the traces
run packet sniffer on Fortigate CLI that's handling the connections:
diag sniffer packet any 'host IP of machine doing trace route" 4 999 l
That should show you what the issue is. ...
Well, to be honest the main concern here is just opening up that 443 to
essentially every bad actor in the United States to bang up against us
at will from now on is almost too much to bare. I know the vSecurity box
that sits in our DMZ in front of H...
Can you not just tell us the ISP? We may have familiarity but I will say
that we have a very similar setup with Segra here on the East Coast of
the US and we threw this hot potato around for months while they were
building everything out. Once we fin...
In the policy that you are using on FAC for the RADIUS. FAC ->
Authentication -> RADIUS Service ->Policiesyou will want to select
"Token-only authentication" under "Authentication Factors" for the
policy that is governing these connections and I typi...
pminarik, That was explained exactly in a way that makes it very clear
to me now how that whole thing works. It's funny, I have found that if
you type a problem out (as I did when posting my message) the solution
seems to present itself in most cases...
