Re: Invalid secret RADIUS Fortigate/fortiauthentic...

vbandha · 09-08-2024

Description This article describes how to assign static IP to dialup IP Sec VPN user Scope FortiGate v6.4+. Solution In the Dialup IP Sec VPN, there is no option available for IP reservation or to assign static IP. To achieve this, create a separate ...

vbandha · 09-08-2024

Description This article describes how to secure GUI admin login to FortiGate by using the Loopback interface to provide additional security. Scope FortiGate v6.4+. Solution Create a loopback interface by navigating to Network -> Interfaces, select '...

vbandha · 09-01-2024

Description This article describes how to troubleshoot MAC address-based policies. Scope FortiOS 6.4+. Solution In FortiGate, there is the option to make MAC address-based policies:MAC address-based policies These MAC address-type objects can only be...

vbandha · 08-31-2024

Description This article describes the configuration for pushing multiple VPN profiles to FortiSASE users with the Auto Connect option. Scope FortSASE. Solution In FortiSASE under the End Point profile, there is this setting: Endpoint connects to For...

vbandha · 08-18-2024

Description This article describes the troubleshooting steps if it is impossible to add VLAN interface to the software switch. Scope FortiOS. Solution If having a VLAN interface with an IP address assigned to it as shown below: It will not give the o...

vbandha · 10-04-2024

Hello @Jose-Perez_Netics , I believe from your description that other traffic going to end device is not reaching there. In addition to above suggestions, please try to disable 'arp-reply' in VIP:https://community.fortinet.com/t5/FortiGate/Technical-...

vbandha · 09-28-2024

Hi @kevinjm9 Dialup IP Sec Split Tunnel does not have this functionality:https://community.fortinet.com/t5/FortiGate/Technical-Tip-Enable-split-tunnel-For-IPsec-VPN/ta-p/192266 'The 'Accessible Networks' Address needs to be of the subnet type ' Regar...

vbandha · 09-28-2024

Hello @Umesh For your query make sure: 1. Static route is pointing to SD WAN zone:https://docs.fortinet.com/document/fortigate/7.6.0/administration-guide/626338/adding-a-static-route 2. Make sure the Performance SLA has the SD WAN members selected an...

vbandha · 09-27-2024

Hi @raffaeledp When you configure 'Limit access to specific hosts' it will still generate logs for the VPN attempts for the blocked countries. The attacker will not be allowed access if they are from blocked country even if they enter the correct use...

vbandha · 09-26-2024

Hello @RolandBaumgaertner72 If you are having issue with HA out sync, please run these commands on both primary and secondary: diagnose sys ha checksum recalculateexecute ha synchronize start You can follow this document to get cli access of secondar...

User Statistics

User Activity

Troubleshooting Tip: Assign Static IP to Dialup IPSec VPN user

Troubleshooting Tip: Use Loopback interface to secure GUI admin login to FortiGate

Troubleshooting Tip: MAC address based policies is not working

Troubleshooting Tip: How to push multiple VPN profile to FortiSASE end user with Auto Connect option

Troubleshooting Tip: Not able to add VLAN interface to software switch

Re: destination nat between real ip addresses

Re: Split tunnel to fqdn wildcard

Re: SDWAN (with two ISP)

Re: Many SSL-VPN login failed attempts! What to do?

Re: Lost connection to Slave after Update

Re: Invalid secret RADIUS Fortigate/fortiauthentic...

Re: Invalid secret RADIUS Fortigate/fortiauthentic...

Technical Tip: BGP Community list matching for AS ...

Re: destination nat between real ip addresses

Re: Migrate From Dialup SSL VPN to IPsec VPN

Re: RADIUS attribute: Message-Authenticator

Re: Network Configuration Help

Re: IPsec site-to-site problem

Re: remote user access to second vpn site to site

Re: What is fortigate default qos policy?

KCS