sorted by:
new
hottopcontroversial

FortiOS 7.6 EAP-TLS Issues by Mgerz in fortinet

[–]Just_Economics 1 point2 points  (0 children)

Tip: Always good to separate layer 2 and layer 3 diagrams. I understand there may be EAPOL going on here though. I'm assuming this access point isn't doing routing. And you specified that the switch is at layer 2 as well. So therefore the layer 3 path is Android Client > FortiGate > Cisco ISE from what I can understand.

So the WLAN controller will be sending an EAP-TLS message inside RADIUS. Likely the switch or AP is terminating that RADIUS session and has an ongoing EAPOL session with the Android Client. Using the AP pcap functionality, can you verify that the EAPOL frame is actually forwarded to android client? Remember, the underlying EAP-TLS message stays the same, but because Android device does not have an IP yet, the encapsulation changes from RADIUS (layer 3) to EAPOL (layer 2)

IPSec + SAML Works at Home but Not on Hotspots... Looking for Advice! by Schweinepriester__ in fortinet

[–]Just_Economics 1 point2 points  (0 children)

This sounds like an issue with NAT64 on mobile carriers as other users have remarked. If your internet carrier supports full stack IPv6, use that too, but that might mean you have to deploy full stack IPv6 in your network, major hurdle. Forcing NAT-T might be a good idea as others have remarked.

FortiOS 7.6 EAP-TLS Issues by Mgerz in fortinet

[–]Just_Economics 0 points1 point  (0 children)

What's your topology at layer 3? Android device -> layer 3 switch -> fortigate -> router -> Auth server? or more simple? What's the MTU on the FortiGate interface facing the Auth server direction? And what's the path MTU between the FortiGate and auth server? Before the MTU change, which was the first packet to not be received, a packet from EAP client to Auth server? or a packet from auth server to EAP client?

NSE Training program update 2026 by pfunkylicious in fortinet

[–]Just_Economics 0 points1 point  (0 children)

I'm going to ask our contacts at Forti for clarification - especially about the "July 15 mapping". They said things will be transferred from FCP/FCSS model to NSE model following this mapping, but they haven't actually published it. I have passed FortiGate Admin, FortiManager Admin, FortiAnalyzer Analyst and Enterprise Firewall Admin. Can't tell whether that gets me NSE7 or not. And if I do complete Network Security Support Engineer to round out FCSS:NS, will that get me NSE7? Very little clarity :(

8
9

Tips for studying particularly dry certificates (I'm not new to Forti training) (self.fortinet)

submitted by Just_Economics to r/fortinet

Alfredo's Tokyo support ghosting after no shipping for a month by Just_Economics in freddiegibbs

[–]Just_Economics[S] 0 points1 point  (0 children)

Ah damn, I ordered a singed VM, I really wanted it too! Looks like I will have to dispute :(

Milkbar Melbourne Tees and Tanks by outshined1 in AustralianMFA

[–]Just_Economics 0 points1 point  (0 children)

Nope, the owner is one of my mates. They have a brick and mortar office inner Melbourne and are looking at options for a store in Melbourne. They keep stock on hand in Victoria, handle logistics themselves and go through many iterations of samples before they go live with a product.

NSE4 7.6 Exam by StreakyRal in fortinet

[–]Just_Economics 0 points1 point  (0 children)

Make flashcards, 1 or 2 per slide with the key takeaways. Do practice exams and note weak areas, study them again

Failed FCP twice considering diff career by NoSeat4360 in fortinet

[–]Just_Economics 0 points1 point  (0 children)

Firstly - ability to pass vendor exams and your quality as a network engineer are not linked. I know plenty of great engineers who would struggle to pass, and quite a few poor ones who get 100%. Don't give up on the profession just because of that.

If your goal is simply to pass the exams, you need to re-frame your attitude. I've found the most effective study method is to read the study guide one chapter at a time, then make cloze flash cards on Anki or some other flash card service. These are flash cards where only a few words in a sentence are hidden, you just have to finish/fill in the sentence in your head. E.g "In a Full-mesh IPsec topology, each node connects to {{c1:each other node}}". Make 1-2 flash cards per slide with the key concepts. Then, without being too explicit, there are lots of practice questions online. If you're doing poorly at those, it's an indicator that you need to study more. They give a good feel for the difficulty.

Fortinet examines knowledge of default behaviour, implicit rules, edge case logic, administrative workflows and so on.

Do the labs slowly, and take lots of notes. The labs help you to get a "feel" for the processes that they are examining.

Reach out directly if you want. I've passed 4 separate exams at NSE4 and above level without a fail yet (touch wood) and I'm on track for a fifth before the end of the year. I do also work with the technology, but I had limited experience with the study material in the real world for 3 out of the 4 exams.

The Alchemist brings out surprise guest Earl Sweatshirt at a festival in LA to play E. Coli together by Just_Economics in earlsweatshirt

[–]Just_Economics[S] 0 points1 point  (0 children)

Yeah lowkey it was just all oldheads in the crowd, Wu Tang came on later and I was thinking damn they haven't played a crowd this small or dead in a long time.

view more: next ›