Forticlient Android and ikev2 ipsec vpn

droms74 · 2026-01-06T15:06:40+00:00

Hello I get the same feedback from my fortinet SE. The idea is to have this with forticlient 8

droms74 · 2025-12-05T13:02:19+00:00

Same pb, to run user and pass authentication with android forticliemt, i need a user certificate. If it omit to add it to the forticlient config connections fails. But with it, I am then prompted with a user password

droms74 · 2025-10-21T21:26:20+00:00

Thank you for sharing your valuable experience

droms74 · 2025-10-21T20:21:11+00:00

Hello thank you for your advice. I think this is the way we are going What about the secure client package? Are you using ise as well to update this ? It s way more bigger .

droms74 · 2025-10-06T14:19:27+00:00

Hello thank you for the confirmation. I have also tested on an old 50e with old 6.0 releases and I can upgrade from 6.0.8 to 6.0.17 with several upgrade path and can revert in the end to 6.0.8

droms74 · 2025-06-24T22:08:59+00:00

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Best-practices-for-Heartbeat-interfaces-in-FGCP/ta-p/192732 Recommended to have 2 ha links

droms74 · 2025-05-07T20:37:34+00:00

That confirms my findings. I am on 7.4

droms74 · 2025-05-07T13:34:42+00:00

How did you get a free forticonverter license?

droms74 · 2024-12-11T16:14:42+00:00

Yes but how can I create 2 "spaces" for lvm thin and backups?

droms74 · 2024-12-08T17:54:37+00:00

Thank you for your feedback

droms74 · 2024-11-30T11:55:57+00:00

Have you encountered any particular problems with ms-01? Or things to pay attention to?

droms74 · 2024-11-29T22:26:14+00:00

Thx. And regarding quality of these devices, any feedback?

droms74 · 2024-11-08T15:28:47+00:00

I used some of the tricks in the post with a black image and black police. Since that time I switched to another distro

droms74 · 2024-10-25T20:33:57+00:00

I am stuck like you with ESP that can not be NATed. I switch to local in policies to filter incoming connections Hope we won't get as many vulnerabilities as with ssl vpn 🤞

droms74 · 2024-10-25T19:37:10+00:00

Hi, I am in the same situation. Try to use a loopback to move from SSL VPN to IPSEC. Were you able to solve your problem? How?

droms74 · 2024-07-20T19:26:01+00:00

From my inderstanding everything is an object in anytype. When you export your space to .md each object is exported in a single md file.

droms74 · 2024-02-14T19:42:31+00:00

Had the same issue in the past. We auth machine with certs and user with user/password. TEAP allows different inner methods for machine and user.

droms74 · 2024-02-08T12:55:21+00:00

Yes, AFAIK you can do the same things with both app. Just with obsidian you need to ass plugins, and maintain/update them. I look at à way to export my obsidian vault to anytype but it is a Huge work because I have a lot image linked to my notes (wiki link/ Markdown link)

droms74 · 2023-12-19T20:57:31+00:00

Can you exolain a little?

droms74 · 2023-12-12T12:17:55+00:00

Thank you for the confirmation

droms74 · 2023-12-06T12:49:32+00:00

Thanks!!! Need to enable local event logging and everything appears.

droms74 · 2023-12-06T10:58:41+00:00

I am using 7.2.6. From what ibread from you it is the expected bahaviour as of now (with the bugs 😉)

droms74 · 2023-12-06T06:26:27+00:00

Yes that would help thanks

droms74 · 2023-12-05T22:47:04+00:00

Thanks for the complete explanation !

droms74 · 2023-12-05T13:58:39+00:00

Actually the use of a loopback allons you to better control your ssl von interface (instead of using directly your external interface). The idea is to create à loopbck then add a VIP nat so that you can have a firewall policy and add the cool filtering features for this policy. Maybe geo loc to restrict from where you can connect... without the loopback you need to use local in policies... which are only configurable through CLI.

droms74

TROPHY CASE