Hi Guys. I am wondering if a host is registered via device profiling but
not maching any user policy than why it is still getting an IP from any
other vlan than isolation ? Also if no nap is matched does fortinac
should put this user into either reme...
Stage 4. Define Registration Methods. Once a host is learned from
FortiNAC, it will be marked with the Rogue(?) host state.This means that
FortiNAC has not yet categorized or profiled this device as a known
device type and will keep it in the isolati...
Hey So I am currently handling a migration from ASA to Fortinet for
which I had encountered many challenging NAT statements but this one is
the most confusing with not much solution available as per my research
so far. Any help would be appreciated S...
Hi I have an example statement nat (inside,outside) source static
obj-192.168.1.1 obj- 78.5.6.7 As per my understanding, this will work
both ways in ASA, means either 78.5.6.7 is the originator or
192.168.1.1, this rule will work for both in ASA ( co...
Hi Well in theory I want to achieve bidrectional nat (like asa) in a
single rule, but I think it is not possible with fortigate. I have to
make SNAT and DNAT
I have tested this in my lab, but if I configure vip only than dnat
works but traffic wont move inside to outside, only outside to inside
works, i created a snat from inside to out and now both translations
work. config firewall central-snat-mapset s...
