Description This article describes what to do when client devices behind
a CGNAT network fail to connect to FortiSASE VPN. Scope FortiSASE.
Solution Follow this KB ARTICLE to perform a capture using Fortinet
Support Tool on FortiSASE: Technical Tip: ...
Description This article describes what is required to access internal
HTTP/HTTPS resources with 'apptype web'. Agentless ZTNA Access Proxy
portal is a new feature as of 7.6.1: ZTNA agentless web-based
application access 7.6.1 To initiate the configu...
Description This article describes how to activate FortiToken Mobile
without Email nor SMS. Scope FortiGate v6.4, v7.0, v7.2, v7.4, v7.6
Solution On the cli, run the following commands: diag debug app
alertmail -1 diag debug enable In this example, a...
Description This article describes how to configure multiple active
default routes that exist simultaneously in the routing table. Default
routes here refer to routes to the internet. For example, regular
connection to the internet for client devices...
Description This article describes how to ensure the captive portal on
Apple devices is working after performing the initial configuration from
here: FortiAuthenticator as a Wireless Guest Portal for FortiGate To
verify whether the initial captive po...
You may opt to use link-monitor as well:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Link-Monitor-Explained/ta-p/197504it
behaves similarly to sdwan's performance sla
Yes, this can be achieved using sdwan. Ensure both of these ipsec
tunnels are configured with sdwan rules and performance sla so that
failover works seemingly.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configure-IPsec-VPN-with-SD-WAN/...
this vpn failover feature requires EMS to work:
https://docs.fortinet.com/document/forticlient/7.0.0/ems-administration-guide/950344/configuring-a-backup-vpn-connection
within the free version of forticlient, this is not supported.
the wildcard certificate will only apply if the method you are
connecting to the sslvpn is fqdn based. in this case, you'll have to
bind your public ip with fqdn or use FortiDDNS:
https://docs.fortinet.com/document/fortigate/7.6.2/administration-guid...
You can configure sdwan performance sla health-checks:
https://docs.fortinet.com/document/fortigate/7.6.2/administration-guide/867342/performance-sla-overview
At its most basic, Performance SLA health-check continuously pings a
specified server to ch...
