Description This article describes how to resolve the host-check
interval error displayed after enabling the host check feature in the
SSL VPN Portal. Scope FortiGate. Solution This issue may be encountered
when trying to configure and apply the Host...
Description This article describes why users may be unable to login to a
Single Sign On Administrator account. Scope FortiGate. Solution Issue:
If all local FortiGate Administrators has trusted hosts configured, it
will not be possible to login to th...
Description This articles describes how to utilize workspace mode to
make changes to a Static WAN IP while remotely accessing the FortiGate
through its WAN. Scope FortiGate Solution Workspace mode provides the
ability to make changes that can revert ...
Description This article describes possible reasons for user
disconnection while using SAML SSO Authentication. Scope FortiGate.
Solution Issue: Check the server certificate being used in SAML: config
user saml edit "saml-user" set cert "CA_SIGNED_OL...
Description This article describes that when the dialup IPsec VPN is
connected, the traffic is being dropped because of no matching firewall
policy. Users can connect to the VPN successfully, however, traffic is
being dropped by the FortiGate. Scope ...
Hello Carsten, You could try to recalculate the checksum on primary and
secondary. If that does not work, would you be able to reboot the units?
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Procedure-for-HA-manual-synchronization/ta-p/19...
Hello shaymalakov, Please see this document for details and requirements
that need to be included for the custom signature:
https://docs.fortinet.com/document/ipsengine/3.6.0/custom-ips-and-application-control-signature-syntax-guide/274110/creating-i...
Hello Infotech22, Are the internal DNS server's pointing to fortiguard
servers? You could try changing the forwarders to 8.8.8.8 and then on
the fortigate restarting the following daemons listed: diagnose test app
urlfilter 99 diagnose test applicati...
Hello shaymalakov, For application signatures not listed you may create
a custom application signature:
https://docs.fortinet.com/document/fortigate/6.4.5/administration-guide/233445/blocking-applications-with-custom-signatures
Hello mdchelpdesk, Could you please run a debug flow using the commands
below and have the user connect. Please share the outputs here:di deb
disabledi deb resdiagnose debug flow filter cleardi deb flow filter addr
di deb flow filter port diagnose de...