Technical Tip: Details about host check list and ...

nithincs · 05-26-2025

Description This article describes how to verify that the DHCP-leased IP address has been updated. Scope FortiGate. Solution When the FortiGate interface mode is configured as DHCP, the interface will be the DHCP client, and after reaching the DHCP l...

nithincs · 04-10-2025

Description This article describes when logs with 'logid="0100044547"' and 'logid="0100044546"' are generated and how to verify the logs for configuration changes down in the FortiGate device. Scope FortiGate. Solution FortiGate will generate two kin...

nithincs · 04-10-2025

Description This article explains the working of the DPD mechanism set to 'on-demand'. Scope FortiGate. Solution When DPD is set to on-demand, this will notify FortiGate to send DPD message to check the liveliness of the remote VPN peer only when the...

nithincs · 04-10-2025

Description This article describes the configuration to restrict the admin user to one active session at a time. Scope FortiGate. Solution Log in to the device with the super-admin privilege admin account and go to settings.Search 'Allow concurrent s...

nithincs · 03-27-2025

Description This article explains the scenario in which phase 2 of site-to-site VPN between FortiGate tunnels goes down and will not automatically come up. Scope FortiGate. Solution This behavior is expected when phase 2 'auto-negotiate' is kept disa...

nithincs · 07-24-2023

yes, you could achieve it. Make sure to add dailup tunnel subnet in phase2 selector of the site-site tunnel. in FGT1 source :10.5.41.0/24 dest :192.168.8.0/24in FGT2 source 192.168.8.0 dest :10.5.41.0/24 In FGT2, add a routeto 10.5.41.0 via tunnel in...

nithincs · 05-22-2023

Hi Imel, I believe, you need to create ip pools for each nat ip address. Later call the same in specific soucre and destination policy. Please refer to https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-SNAT-with-IP-pool/ta-p/...

nithincs · 05-22-2023

hi, the script is correct. You can also follow alert mail for concerve mode and logs collection https://community.fortinet.com/t5/FortiGate/Technical-Tip-Automation-stitch-for-the-conserve-mode/ta-p/240696#:~:text=FortiGate%20by%20default%20turns%20o...

nithincs · 05-08-2023

hi Abel,Please make sure you have spit tunnel enable in the sslvpn so you that only remote subnet are pointing todards sslvpn adaptor in local pc. Better to check routing-table in the pc before and after connecting to sslvpn. use "route print" if its...

nithincs · 08-23-2022

Hi, Please try the solution provided in https://community.fortinet.com/t5/FortiGate/Technical-Tip-Error-The-VPN-server-may-be-unreachable-14-for/ta-p/190882

User Statistics

User Activity

Technical Tip: Monitoring and verifying the DHCP-leased IP address updates from the ISP router

Technical Tip: Difference between 'logid="0100044547"' and 'logid="0100044546"' which are generated when configuration is changed in the FortiGate

Technical Tip: Explanation of IPsec VPN DPD working with 'on-demand' option and how it gets triggered

Technical Tip: Disable concurrent admin login to FortiGate

Troubleshooting Tip: Phase1 is up yet phase2 is down after IKE rekey or tunnel flap

Re: Can remote FortiClient user get access to local lan connected over syte-2-syte tunnel?

Re: Dynamic NAT

Re: Restart Fortigate http/gui processes automatically because of a memory leakage

Re: Printer behind FortiClient not accessible

Re: FortiClient VPN connection error (-14)

Technical Tip: Details about host check list and ...

Technical Tip: Log action messages 'Accept: sessio...

Technical tip: Using FortiGate DNS filter to reduc...

Technical Tip: Virtual wire pairs

Troubleshooting Tip: How to verify the FDQN IP add...

Fortinet Training Institute

KCS

User Statistics

User Activity

You are leaving our website