We currently have two sites, Site A and Site B, with identical
destinations defined over separate VPN tunnels. Each site has a separate
SNAT range using different IP addresses, so they know which
location/route to send traffic back to. Both of our fi...
We are using a Gate running 7.4.7 as a RA IPSec VPN for our clients, and
the FortiClient is version 7.4.3.1790. One of the servers has a GPO that
enforces encryption between the various clients and a server, and this
traffic is never placed in the tu...
We are in the process of moving our VPN users to IPSec RA VPN, but we
need to use SAML SSO. This requires some port to be opened up, so we're
using tcp/9443 like the documentation. The reason we're moving away from
SSL VPN is because of the large num...
IPSec VPN with SAML was configured according to
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-Microsoft-Entra-ID-SAML/ta-p/307457.
The configuration seems to be in place according to the documentation,
but I get ERR_CERTI...
We just received licensing for FortiClientEMS, and I'm not following the
documentation for setting this up. 1. The request to build the
FortiClientEMS server has been sent, but it will be a few days before
it's ready. I don't have the ability to test...
Sorry for the delay, but I've been out of town and not paying attention
to electronics. The important piece of info is that the firewall needs
to do a DNAT on the ingress (inside) interface. Traffic destined to
192.168.3.55 on the inside firewall int...