Skip to Content

Solved: How do I configure FortiGate DNS over TLS using Cloudflare DNS?

This article describes how to configure FortiGate DNS over TLS using Cloudflare DNS. Primary DNS 1.1.1.2 Secondary DNS 1.0.0.1 Solution From GUI When configuring from GUI, do not forget to change the default server hostname ‘globalsdns.fortinet.net’. When using Cloudflare DNS, use ‘one.one.one.one’ or ‘1dot1dot1dot1.cloudflare-dns.com’ as the server hostname. From CLI # config system dns set …

Read More about Solved: How do I configure FortiGate DNS over TLS using Cloudflare DNS?

Solved: How do I import object list summary when importing objects?

When importing policy and objects from a FortiGate currently selected revision history config file, before actually importing the policies and objects, a summary of the objects that will be updated, imported, renamed, and skipped (duplicates) will be listed and shown. This article will define the different actions that will be taken on the objects listed …

Read More about Solved: How do I import object list summary when importing objects?

Solved: How do I set the admin password to empty?

This article describes how to set the admin password to empty. Step1: Set admin password by default: # config system admin edit “admin” set accprofile “super_admin” set vdom “root” set password ENC SH2CBKZWErh1aIVtjkiFqgUE7jz89aIEAIEq**bleep**DDoswa8dsBN03ce/J2RQ6BA= next end Step 2: Use the bellow CLI to set the admin password to empty: FG1500D_14 # config system admin FG1500D_14 (admin) …

Read More about Solved: How do I set the admin password to empty?

Solved: How do I fix notification message ‘Open: Invalid Router ID’ in BGP debugs

This article discusses notification message ‘Open: Invalid Router ID’ in BGP debugs. Background FortiGate F7 and F6 are configured with BGP to learn dynamic routing. 172.16.20.0 F7 — ISP——f6–172.16.30.0 After the BGP configuration, the below notification message in the FortiGate can appear when BGP peers are exchanging messages. f6 # BGP: 7.7.7.7-Outgoing [DECODE] Open: Invalid …

Read More about Solved: How do I fix notification message ‘Open: Invalid Router ID’ in BGP debugs

Solved: How do I fix Poll Active Directory (FSSO) connection status down despite authentication successful?

This article illustrates the issue where the connection status to AD is successful, but the AD connector status is down. The connector settings are configured as below: It is possible to run debug to check for the error message: # diag deb authd fsso -1 # diag deb en An error message appears for ‘wrong …

Read More about Solved: How do I fix Poll Active Directory (FSSO) connection status down despite authentication successful?

Solved: How do I enable mac address bypass on FortiGate interfaces?

MAC Authentication Bypass (MAB) is supported to accept non-802.1X compliant devices onto the network using their MAC address as authentication. Solution: Enable MAB on FortiGate Apply below command to enable MAB on FortiGate: # config sys interface edit “<>” set vdom “root” set ip 192.168.1.1 255.255.255.0 set allowaccess ping radius-acct set security-mode captive-portal set security-mac-auth-bypass …

Read More about Solved: How do I enable mac address bypass on FortiGate interfaces?

Solved: How do I fix extra route connection issue in Windows routing table when connecting to SSLVPN

This article describes how to fix the issue where after connecting to SSLVPN via FortiClient, users may experience connection issues for up to 10 minutes on Dell laptops with Windows 10/11. This affects both setups with split-tunneling enabled, where FortiClient pushes the split subnets to the Windows routing table and setup where all user traffic …

Read More about Solved: How do I fix extra route connection issue in Windows routing table when connecting to SSLVPN

Solved: How do I troubleshoot FSSO events are not collected by FortiGate after upgrade of Fortiauthenticator to 6.4.5?

This article describes the issue where FSSO events are not collected by FortiGate after the upgrade of FortiAuthenticator to 6.4.5. Solution: Disable Enable encryption feature FortiAuthenticator now offers a server-side TLS support option so that FortiGate as an FSSO client can be configured to connect to FortiAuthenticator over a TLS connection, and this is enabled …

Read More about Solved: How do I troubleshoot FSSO events are not collected by FortiGate after upgrade of Fortiauthenticator to 6.4.5?

Solved: How do I troubleshoot FTM-Push notification configured but not working?

This article describes the process of initial ftm-push troubleshooting. Solution The following are troubleshooting tips that need to be performed post configuring FortiToken mobile push notification, but unable to log in after tapping ‘Approve’ on the FortiToken Mobile Apps. Step 1: Check if FTM is enabled in the Administrative Access of the wan interface under …

Read More about Solved: How do I troubleshoot FTM-Push notification configured but not working?

Solved: How do I use FortiGate’s IoT Detection Service to identify Hikvision IP Camera CVE-2021-36260 command injection vulnerability?

This article describes how to use FortiGate’s IoT Detection Service to identify the Hikvision IP Camera device and app that is vulnerable to the recent command injection vulnerability. The vulnerable device and app can be identified from the Security Fabric > Asset Identity Center when the FortiGate interface connected to the IoT device has device …

Read More about Solved: How do I use FortiGate’s IoT Detection Service to identify Hikvision IP Camera CVE-2021-36260 command injection vulnerability?

Solved: How do I troubleshoot FortiGate admin access configuration with Google SAML authentication?

This article describes how to troubleshoot FortiGate admin access configuration with Google SAML authentication. Solution FortiGate will be acting as Service Provider (SP) and GOOGLE will be acting as Identity Provider (IdP). SP: Who is providing the Service. IdP: Who is doing Authentication. FortiGate admin access SSO is part of the security fabric where the …

Read More about Solved: How do I troubleshoot FortiGate admin access configuration with Google SAML authentication?
Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.