Hoping for some real world use cases for the following setup where we
are protecting a hardened front end web server that sort of proxies
connections into our Horizon VDI environment.. We currently have a VIP
on TCP.443 that publishes the previously ...
Please try to stay with me on this longer post... I've tried to shorten
it up but there is a lot to relay on this one and I appreciate your
taking the time and reading through it.. First off, Let me elaborate on
that Subject a little. My user is curr...
Internal Interface of Fortigate: 10.10.10.10Dial-Up Clients network:
10.20.20.20 - 100 Gateway: 10.20.20.5DHCP Server: 10.10.1.7 I've got
three different IPSEC VPN's published off of a single 500 series gate
but because our AD DNS isn't registering t...
So I imported our Edge Fortigate's into Manager about two months ago and
have been steadily setting up the Normalized Interfaces, Per-Device
Mappings, etc. that I will need on Manager to administer four 500e's The
problem is that I've been lazy and h...
Is this thing just trying to scare me? FGT[FG200] Automation
Stitch:auto.compromised.host is triggered.date=2021-04-05 time=14:21:27
logid="0100022953" type="event" subtype="system" level="warning"
vd="root" eventtime=1617646887419280502 tz="-0400" l...
Well, to be honest the main concern here is just opening up that 443 to
essentially every bad actor in the United States to bang up against us
at will from now on is almost too much to bare. I know the vSecurity box
that sits in our DMZ in front of H...
Can you not just tell us the ISP? We may have familiarity but I will say
that we have a very similar setup with Segra here on the East Coast of
the US and we threw this hot potato around for months while they were
building everything out. Once we fin...
In the policy that you are using on FAC for the RADIUS. FAC ->
Authentication -> RADIUS Service ->Policiesyou will want to select
"Token-only authentication" under "Authentication Factors" for the
policy that is governing these connections and I typi...
pminarik, That was explained exactly in a way that makes it very clear
to me now how that whole thing works. It's funny, I have found that if
you type a problem out (as I did when posting my message) the solution
seems to present itself in most cases...
I too am having this same issue and my google search brought me right to
this thread... Is there anyone that can help out with this if I bump
this older post? I believe the way to handle it is to change the way DNS
works on the Fortigate. IE: make it...