Description This article describes some known-limitations regarding the
types of IP Pools that can be combined with ZTNA policies (both Simple
and Full policies). Scope FortiGate, ZTNA. Solution As a quick primer,
user connections through the FortiGa...
Description This article expands on the original documentation regarding
the 'Single FortiGuard license for FortiGate A-P HA cluster' feature
detailed in the FortiOS Administration Guide, with the aim being to
demystify when the feature can be used a...
Description This article describes an expected behavior for the
private-data-encryption feature on FortiGates with FIPS-CC mode enabled.
Scope FortiGate, FIPS-CC. Solution FIPS-CC-enabled FortiGates do not
support the private-data-encryption feature ...
Description This article provides a complement to the following
documentation and discusses known issues regarding asymmetric traffic
flow in this configuration: Azure vWAN with FortiGate Network Virtual
Appliances (aka Azure vWAN SD-WAN NGFW Deploym...
Description This article describes a known restriction that occurs when
importing end-entity certificates onto the FortiGate while FIPS-CC mode
is enabled. Scope FortiGate, FIPS-CC. Solution When FIPS-CC mode is
enabled, FortiOS does not allow admini...
Hi @SajjadAli-1986, Just to let you know, this is the Article Ideas
Submission queue, which is used to submit new KB article ideas. For
technical assistance, please either post to the Fortinet Support Forum
or open a ticket with Fortinet TAC Support....
Hi Faiza_Emam_Delhi, can you clarify where (FortiGate, FortiSwitch
directly, FortiManager, etc.) and on what firmware you were able to
perform these steps? I checked on FortiOS 6.4, 7.0, 7.2, and 7.4, and
none of them have the capability that you are...
I recommend checking out these Community KB articles for SSL-VPN and
IPsec:https://community.fortinet.com/t5/FortiGate/Technical-Tip-Enabling-split-tunnel-feature-for-SSL-VPN/ta-p/198108https://community.fortinet.com/t5/FortiGate/Technical-Tip-Enable...
Unless I'm missing something, it looks to me like Source NAT isn't
turned on for Policy 15, the SSL-VPN to Internet policy.You're using a
full-tunnel SSL-VPN (set split-tunneling disable), so all traffic is
shuttled over the VPN in this case, but you...