Re: SAML authentication page is looping in Chrome

hpenmetsa · 07-29-2025

Description This article describes that renaming synchronized objects on the Fabric root FortiGate will create duplicate objects on downstream FortiGates if they are referenced in downstream configurations in the Security Fabric setup. Scope FortiGat...

hpenmetsa · 05-27-2025

Description This article describes how to assign a native VLAN if the VLAN is on a different VDOM. Scope FortiGate. Solution In the following example, on the managed FortiSwitch config, when attempting to assign VLAN 128 as a native VLAN, it does not...

hpenmetsa · 03-20-2025

Description This article describes that when Firewall policies are in a flow-based inspection, the FortiGuard block page does not display. Scope FortiGate, FortiOS v7.0.x version. Solution The FortiGate devices running on FortiOS v7.0.x, are configur...

hpenmetsa · 01-06-2025

Description This article describes how to add the existing address objects on the address group when manually created or created by IPsec VPN Wizard. Scope FortiGate. Solution When trying to add address object to the address group the address object ...

hpenmetsa · 08-11-2024

Description This article describes why a static route or default route outgoing with SD-WAN Zone cannot be assigned an administrative distance of 10 on a FortiGate. Scope FortiGate. Solution The following example explains that a static route or defau...

hpenmetsa · 09-18-2025

Hi Ganesh, Are you blocking Copilot based on the category, or have you added any static URL filter to the web filter profile? You can create a static URL filter for the domain m65.cloud.microsoft to block Copilot. Please refer to the following docume...

hpenmetsa · 07-20-2025

Hi, Could you please provide more details about what kind of service you're using SAML authentication for, such as SSL VPN or IPsec VPN?Thanks

hpenmetsa · 05-22-2025

Hello,If you want to allow only example.com. Please use "www.example.com" in the static URl. This will allow only www.fortinet.com and the rest of the subdomains, such as aaa.example.com will be blocked. Please check link below for more info.https://...

hpenmetsa · 05-06-2025

Hi 1. Let's say I have an SD-WAN rule based on the MANUAL strategy. This SD-WAN rule has two interfaces (WAN1 and WAN2), with WAN1 being the interface that was added first and therefore becomes the preferred interface for internet communication. If t...

hpenmetsa · 03-30-2025

Hi Tsug,In FortiGate, firewall policies are processed in a top‐down order, and FSSO is a passive authentication method. This means that if a user is already authenticated, traffic from that user will match the FSSO rule. If the user isn’t authenticat...

User Statistics

User Activity

Troubleshooting Tip: Renaming synchronized objects in the Security Fabric setup, will cause duplicate objects if deferenced on downstream devices

Troubleshooting Tip: Unable to assign a native VLAN if the VLAN is on a different VDOM

Technical Tip: FortiGuard block page does not display when Firewall policies in a flow-based inspection mode

Technical Tip: Unable to add the addresses objects on the address group.

Technical Tip: SD-WAN routes cannot be set as distance value of 10

Re: Blocking copilot