Re: Fortigate as Router on a stick, along with loc...

mrsimon007 · 10-25-2025

I’ve run into this issue too — it’s tricky since IKEv2 tunnels don’t always inherit DNS suffixes cleanly, especially with Intune-managed, non-admin devices. One workaround is to push the suffix via Intune custom configuration profiles using PowerShel...

mrsimon007 · 10-05-2025

Yes, it can be done. You can configure a FortiGate as a router-on-a-stick by creating sub-interfaces on a single physical port, each tied to a VLAN with its own IP. One of those VLANs can also provide local access ports by bridging the sub-interface ...

mrsimon007 · 09-19-2025

Double-check that EMS log forwarding to FortiAnalyzer is enabled and that both products are on compatible builds. You may also need to verify the EMS connector settings under Device Manager. Fortinet docs list the exact steps.

mrsimon007 · 03-23-2025

Ensure that TCP port 4500 is included in your local-in policies. If it is not, you may need to create a rule to allow traffic on this port.

User Statistics

User Activity

Re: DNS Suffix Deployment Issue on FortiGate Dial-Up IPSec IKEv2 VPN with Entra SAML and Intune Clie