I have a zone on the FortiGate named "VPN Zone", which includes both
SSL-VPN and IPsec.We are now testing a ZTNA appliance that is connected
via the X1 interface -> VLAN 101.I added the VLAN 101 interface to the
existing "VPN Zone" and included its s...
I've set up an IPsec VPN with certificate-based authentication and
started migrating away from SSL-VPN. Unfortunately, around 10% of our
remote users are on DS-Lite. This means they have a public IPv6 address
but share a single IPv4 address via Carri...
Maybe someone with a deeper understanding can shed some light on
this.I've set up an IPsec VPN using certificate-based authentication and
tested it with a small user group — it works great.I then handed it over
to software delivery. They did what the...
Can I just flip the switch on IPSec XAUTH² to 'inherit from policy' and
use the same rules as SSL-VPN, where you have to specify a Source and
User/Group? Last time I tried this, the FortiGate acted as a MITM for
IPSec users and redirected HTTPS³ to i...
Got it working by moving the clients to another subnet and using the
VLAN101 as a transport net. So the fault was the appliance assigning IPs
to the VLAN101.
I got it working by splitting the DNS into separate A and AAAA records
and adding two profiles in FortiClient, respectively.ipv4.company.com →
VPN via IPv4ipv6.company.com → VPN via IPv6 I've seen this bug before,
but I thought FortiClient v7.4.3 had...
Seems to be a bug in the FortiClientVPN v7.4.2 that most of our users
had installed. We are looking to upgrade to FortiClientVPN v7.4.3 or
v7.2.9Still testing. # UpdateWorks fine now with FortiClientVPN v7.4.3,
v7.4.2 is bugged.
We used the FortiClient (EMS) and found that it breaks the Secure
DynamicDNS Update process just by having the app installed on the
PC.FortiGate bug ID 0964456Rel.
https://community.fortinet.com/t5/Support-Forum/FortiClient-EMS-DNS-Dynamic-update-iss...
