Hello, I was wondering if someone could shed some light on how the
following can be achieved, if it can.When 2FA is configured for users
that are connecting to SSLVPN, that are either via
RADIUS/FortiAuth/FortiToken or using a 3rd party OTP app, I no...
Hello,In 6.4.X code, there was SNMP OID -
.1.3.6.1.4.1.12356.101.13.2.1.1.2.1 and .2 which returned the SN of the
both firewalls if they were in a cluster or standalone only
.1.3.6.1.4.1.12356.101.13.2.1.1.2.1 .It appears that this is no longer
avail...
Hi,I know it might seem like a stupid question but it appears I was
under/made the wrong assumption that you could add individual VDOMs from
a FGT and not all of them in FMG/ diff ADOMs. I have a FGT w/ 60+ VDOMs
and recently acquired a FMG license f...
Hello, I would like to restrict access to certain users which are
assigned a custom profile, access to the configuration of all Traffic
Shaper / Traffic Shaping Policy / Profile options/config and was
wondering if it can be achieved somehow.The restr...
Below my SSLVPN config in FCT 7.0.7, I also tested the combo of fakeIP +
realIP and fakeIP + realDNS, both worked in that order of being
defined/configured.
From my understanding of split DNS ( havent used it so far, from the
link below ), is that the split DNS servers are only used for some
domains that you defined in the portal so a firewall rule should be
created to permit access to them, the rest sho...
I tried myself this setup, using a fake IP address as first Remote
Gateway and the 2nd the real IP+port and worked as intended.When I
entered the user/password combo, it went to status Connecting then to
about 30%, then it returned by itself to the u...
Most likely I've misunderstood your issue since you mentioned 2 FGTs.So,
if I understand correctly both DNS entries are different links on the
same device and you have 2 such devices with similar issues and when the
first configured remote gw configu...
The other sites by default will not know that the MPLS link is no longer
preferred on site A, so when a return packet from site D comes with will
most likely use it instead of the Interned based one and it might be
dropped.For controlling and signali...