Hi all, I am trying to establish a ZTNA replacement of our VPN for all
AD-joined devices.The first problem I have encountered is that
workstations cannot resolve the domain controllers - our internal DNS
server is accessible on TCP 53, but it tries U...
We have an IPSec tunnel between two FortiGate devices - FG500E and
FG40F, both running version 7.0.14.The IPSec is established without any
problems, but the traffic inside the tunnel has some very strange issue.
The tunnel IP addresses are 10.0.66.16...
Today we updated all our FortiGate devices to 7.0.14 due to the security
concerns with the ongoing attacks worldwide. Unfortunately after the
upgrade we are facing a lot of blocked connection to applications which
were working without problems before...
We have upgraded our EMS server to 7.2.2 build 0879.After that we
upgraded few of our FortiClient to 7.2.2.0864. The result:- all our
FortiClient endpoints with 7.0.9 receive the ZTNA destinations and
create successfully the virtual hosts in the Wind...
We have the following setup: A FortiGate router in the middle of the
network with few cisco switches, which host several VLAns.Also we have a
MS SCCM server in vlan 10 and a bunch of workstations in vlan 20, which
should be booted trough PXE/SCCM and...
You are not correct - you may fallback and use tcp 53, the problem is
that windows uses udp by default.Still I can't believe no one uses ZTNA
for AD access...
The problem and the solution was that the Tunnel was created initially
as an dial-up one.After changing it to standard IPSec - something has
broken up inside it.Recreating tunnel from scrap fixed the issue.
I do not understand - what kind of static routes do you mean and why?We
have proper routing on both sides:- on external interfaces we are able
to establish the VPN;- on tunnel - there is a routing for the tunnel
interfaces on both sides!
Also it is not possible to ping from IP behind the firewall, because the
reason I need those IP addresses see each other is to run iBGP on the
tunnel, like we did with the other devices we use.