Troubleshooting TIp: IPsec issues encountered with...

princes · 11-12-2025

Description This article describes how an inaccurate DOS policy can impact the SD-WAN performance SLA of a member to be dead. Scope FortiGate Solution In an IPV4 DOS policy, there is a pattern for ICMP_FLOOD, which calculates the threshold based on t...

princes · 09-05-2025

Description This article describes different methods used for DNS probe in SD-WAN performance SLA. Scope FortiGate. Solution When the DNS is selected as the protocol for the performance SLA, the working is different from the Ping protocol. Considerin...

princes · 09-05-2025

Description This article describes why session counts are not exactly the same as CLI session list output and GUI FortiView. Scope FortiGate. Solution During an active session verification on FortiGate, both the GUI FortiView and the CLI session list...

princes · 09-04-2025

Description This article explains the reason for authentication failure, even if the test connectivity for the LDAP user is successful. Scope FortiGate v7.4.4 and above. Solution In case the LDAP user test credential shows successful, but user authen...

princes · 08-11-2025

Description This article discusses FortiGate web filter with local category override and default FortiGuard category verdict check. Scope FortiGate. Solution FortiGate used to fetch the category check verdict for any URL from FortiGuard servers. In c...

princes · 11-03-2025

Hi Zenhusen, Take the firewall CLI access through putty , configure a free port with IP address and enable DHCP services . Enable https on that interface, once configured connect a PC directly to that port and check if you get an IP through DHCP. Onc...

princes · 11-03-2025

Hi HT_JDC, It is difficult to tell the exact number since it is dependent on multiple factors like the medium and the scheme chosen. Thank you.

princes · 11-03-2025

Dear HT_JDC, The FEC is not measured by number of bytes, it is the ratio which measures the overhead which is dependent on the base payload. It may result in overall Bandwidth increase by the applied ratio. Best Regards,

princes · 09-22-2025

Hi, Would suggest you to have a look on below : https://community.fortinet.com/t5/FortiGate/Technical-Tip-VIP-IP-virtual-server-type-on-the-same-internal/ta-p/221782 Seems you are trying to achieve the same.

princes · 09-18-2025

Hi Jet06, Kindly share us the non working IKE debug while connecting to VPN. Are you able to connect to the VPN but unable to access internal service or VPN itself not connecting.

User Statistics

User Activity

Technical Tip: IPV4 DOS policy causing SD-WAN performance SLA to go down

Technical Tip: Different methods explained for DNS probe used in SD-WAN performance SLA

Technical Tip: Different session counts under GUI FortiView and CLI output

Technical Tip: LDAP Test Connectivity successful but user authentication fails for SSL VPN

Technical Tip: Web rating override and category control in FortiGate web filtering

Re: cant connect to firewall web UI timeout issue

Re: IPsec Forward Error Correction

Re: IPsec Forward Error Correction

Re: Is it possible to map a vip to a vs?

Re: Ikev2 ipsec remote access not working on fortios v7.4.4

Troubleshooting TIp: IPsec issues encountered with...

Technical Tip: LDAP Authentication with MAC addres...

Technical Tip: Securing a captive portal enabled i...

Technical Tip: Unable to resolve local FQDNs on Fo...

Technical Tip: IPsec phase-2 selectors deleted aut...

Re: VPN Site to Site

KCS

User Statistics

User Activity

You are leaving our website