Комментарии:
what if the fortigate is actually inside the private network.
end user - - - internet - - - <public IP> CPE <private IP>- - - core router - - - Aggregate router - - - Fortigate - - - LAN
Just a tip that might save some headaches for other peeps... I'd set everything up correctly but my DMZ servers I set as destinations in my VPN policy weren't reachable so I watched your video to confirm I'd done everything correctly and I still had the issue. My deployment is on AWS and I have a management VRF0 and everything else in VRF1 so I can run two default routes to the Internet. VRF1 for data and VRF0 for access via Internet to MGMT interface. In the end I checked my SSL tunnel interface (only way I could find to do it was via the VPN policy I setup) and I found the interface belonged to VRF0. I changed it to VRF1 and everything working perfectly now.
ОтветитьReally appreciate the content. Just a question.. when we use both the User Group and the RA-VPN_Pool, does it mean it is required to match both or only 1 match is required for source.
Ответитьthanks a lot, when we create a group should we configure anything on SSL-VPN Portals , like you did when creating ssl-vpn LDAP , 28 min ?
ОтветитьThanks.. every simple and easy to understand.
Ответитьthank you, why SSL over IPSEC?
Ответитьawesome lesson...greatly appreicated
ОтветитьReally appreciate this. Thank you!
ОтветитьAwesome video bro! Regarding the LDAP Auth method, let's say I have different groups in AD, and each AD-User-Group, when connected via SSL-VPN, needs access to their respective VLAN only. It means I need to create a Fortigate User Group and policy for each? Thanks.
ОтветитьI appreciate the simplicity of your presentation! Please keep up the great work!
Ответитьi like the stencils you use , where i can get them for Drawio?
ОтветитьMy SSLVPN stopped connecting, on fortivpn client just go to 10%
ОтветитьDo you have video for SSL vpn with Radius server + Microsoft MFA
Ответить*Hi, very nice video congratulations!!! please could you helpme or give me any idea?
I must autenticate a user with 2FA in Fortigate with email, that have already worked but, now I must autenticate that same way but with all users from an Active Directory and I can't add a group of vpn, so all users from AD must autenticate with 2FA throught email . Any idea for do this ? Thanks a lot.*
ssl vpn with azure Ad integration video link
ОтветитьCan you please help me. So I am doing a training at some company and they only gave me a fortigate firewall and one switch and a server and only a 4G modem that does not have port forwarding and I wanted to access my firewall from home. Is there a way to do it?
ОтветитьIs it possible to restrict the source IP address of the remote user that establish the VPN connection? Ideally I want to restrict a specific user coming from a specific address. Thanks!
ОтветитьKeep it coming bro 💯 💪
Ответитьcan fortigate verify the forticlient security posture before allowing sslvpn? to verify that the client is a windows client, with latest security patch.
ОтветитьIt's not clear why you switched to Forti. Without a license, there is no point in using it. And even for educational purposes. Without a license, it is heavily curtailed.
Ответитьعاشت إيدك.... شرح لطيف.... بس اريد مايكروتك vpn.... هل تعلم تحديث أندرويد 12 لا يقبل انشاء vpn pptp or l2tp..... خرب شغلنا 🤕🥀
ОтветитьThanks. I have issue ssl vpn in eve can not connect
ОтветитьThanks for the awesome videos on fortigate,...I think fortigate is possibly the best firewall for the money..🙏🏼
ОтветитьGreat Video
please do video for AD auth access via Fortigate and Security profiles
Hi Network Beg, I did not get the software that was used for the network design. Kindly clarify for me.
Thanks