Description This article describes issues that occur during VPN
establishment due to 'signature verification failed' errors in IKE debug
logs for an IKEv2 certificate based IPsec VPN. Scope All versions of
FortiGate. Solution This error is seen if Fo...
Description This article describes how to increase the memory buffer for
processing IP fragment packets on FortiGate to avoid drops due to
'ReasmFails' owing to a memory buffer overflow in environments where a
large number of fragments are expected t...
Description This article describes about how to enable mac address
bypass on FortiGate interfaces. MAC Authentication Bypass (MAB) is
supported to accept non-802.1X compliant devices onto the network using
their MAC address as authentication. Scope A...
Description This article describes how to troubleshoot authentication
failures due to 'clock skew' SAML errors. Scope FortiOS 7.0.4 and later
Solution 1) The SAML Assertion from SAML IDP is only valid for a
specific duration which is declared in the ...
Description This article describes the possibilities of denying/limiting
access to SSL VPN with IRDB database. Scope All FortiOS versions.
Solution - IRDB database objects can neither be used in local in
policies or SSL VPN setting. These objects can...
Hello, Based on the description, issue could be due to the fact there is
no route available/active towards the VPN remote gateway via wan2 in the
routing-table. This is why it works when you add wan2 into SDWAN (since
default route via wan2 gets acti...
Hello, Once HA reserved management interfaces are added on FGT , they
are automatically mapped to a hidden vdom called vsys_hamgmt. The
routing and ARP details on HA dedicated management interface are solely
available in this vdom.You can check the r...