Hello everyone,we are currently running a FortiGate on firmware 7.6.4
with an IPsec dialup VPN using SAML authentication over IPv4. This setup
works without any issues.However, more and more of our users are
receiving IPv6-only connections from their...
Hello all, I am currently setting up 802.x1 EAP-TLS authentication on an
external cloud radius server on my FortiSwitch 448E-POE (Fortilink) and
am experiencing a minor issue.Basically, I wanted to do this via TLS TCP
(RadSec).I noticed that the Fort...
Hello all, I have a problem where my two 448E switches are displayed as
“online” under Managed Forti Switches. I can also access the port
configuration and change it. So I guess the NTP is not the issue. NTP is
also activated for the fortilink interf...
Hi everyone,I'm currently working with the following setup:We have a
FortiGate 100FPort X1 on the FortiGate connects via 10G to a stack of 2x
Cisco CBS350X (on the Ground Floor).From there, there's an uplink via
10G to another stack of 2x Cisco CBS35...
Hello all, We use IPsec Dialup VPN with SAML via EntraID. When I try to
connect via IPsec VPN inside same network in which the Fortigate is
located, I get the error "ERR_EMPTY_RESPONSE" when calling SAMLIs this
an expected behavior? If not, what coul...
@AEK understand, but again I don't need a Trunk (LCAP) configuration
from my 2x448E in the ground floor, to my new 2x448E in the upper
floor?Like what I have at the moment to my 2x cisco in the upper floor?
I have now activated Dual Stack on the VPN tunnel in phase 1 and phase 2
for testing purposes.The client now also receives additonal an IPV6 on
the VPN adapter, and I am now also receiving incoming traffic and can
reach the internal IPv4 VLAN after t...
Hello,I must correct myself again: we only want clients who have an IPV6
address from their ISP to be able to connect to the VPN. (DS-LITE)The
client itself does not need a dual stack address on the VPN adapter, as
no IPV6 network need to be reached ...
@Jean-Philippe_P Thank you for your feedback.The reason I am considering
enabling dual stack on the IPsec dialup VPN is because we have several
employees who can connect to the VPN from their home office, but they
cannot access any applications locat...
@AEK Thank you for your reply.About LACP thats clear for me so far.If I
now connect the new pair of 448Es to the current pair of 448Es, will
this automatically configure itself as LACP (802.3ad), as from the first
pair of 448Es to the FortiLink inter...
