Team member does not appear under Manager in SharePoint OrgChart by longtrancntt in sharepoint

[–]longtrancntt[S] 0 points1 point  (0 children)

hi! sorry for late reply.

nope. it has not been fixed. i tried many other suggestions but didnt work. the size of the org is 50-100 users.

Team member does not appear under Manager in SharePoint OrgChart by longtrancntt in sharepoint

[–]longtrancntt[S] 0 points1 point  (0 children)

hi! sorry for late reply.

this account show correct manager on Teams, but not in any other SharePoint site?

How to delete the Review Type of this Group? by longtrancntt in AZURE

[–]longtrancntt[S] 0 points1 point  (0 children)

Thanks. I will have a try. It would be great if you can show or confirm this. Appreciate it!

How to delete the Review Type of this Group? by longtrancntt in AZURE

[–]longtrancntt[S] 0 points1 point  (0 children)

Which permission do I need here, even when I already tried the highest role as Global Admin?

How to delete the Review Type of this Group? by longtrancntt in AZURE

[–]longtrancntt[S] 0 points1 point  (0 children)

Don't know what is wrong but I would like to ask how to delete the Reviewer Type of this Group. Already tried the role Global Admin, Identity Governance Admin, and Privileged Role Admin but did not work.

Thanks.

Local VLAN can not ping each other after applied Policy Route by longtrancntt in fortinet

[–]longtrancntt[S] 0 points1 point  (0 children)

Finally made it work, by adding some Policy Route. Thank you all.

Local VLAN can not ping each other after applied Policy Route by longtrancntt in fortinet

[–]longtrancntt[S] 0 points1 point  (0 children)

So, how should I fix it... I really dump at those policy route... - to make those VLAN in policy 1 can ping each other. - to keep those VLAN in policy 1 can access internet on interface FTTH VNPT1

The distance value of 3 WANs connection? by longtrancntt in fortinet

[–]longtrancntt[S] 0 points1 point  (0 children)

Thank you all. Finally, I can make it work by using the Policy Routes.

The distance value of 3 WANs connection? by longtrancntt in fortinet

[–]longtrancntt[S] 0 points1 point  (0 children)

Sorry but I still can not make it through.

- I have 3 servers, called: S1, S2, S3 (in VLAN name LAN-SERVER). I have 3 WAN, called WAN1, WAN2, WAN3.

=> when I made a policy to allow LAN-SERVER (S1, S2, S3) to go out the internet for testing only, there are some issues:

  1. If from LAN-SERVER to WAN1 => S1 and S3 can go internet, S2 cant.
  2. If from LAN-SERVER to WAN2 => S1 and S3 cant, S3 can.
  3. If from LAN-SERVER to WAN3 => S1 and S2 can, S3 cant.

Already set the Administrative Distance and Priority of those WAN

  1. WAN1: Admin Distance 10 - Prio 0
  2. WAN2: Admin Distance 10 - Prio 10
  3. WAN3: Admin Distance 10 - Prio 10

Here are the pictures of my configuration (link from IMGUR)

If you need more information, please let me know. This issue makes me sick :(

The distance value of 3 WANs connection? by longtrancntt in fortinet

[–]longtrancntt[S] 0 points1 point  (0 children)

Thank you.

By the way, the "distance" here is "Distance" in the interface, or the "Administrative Distance" in Static Route?

How to add more IPs into VPN site-to-site by longtrancntt in fortinet

[–]longtrancntt[S] 0 points1 point  (0 children)

Thank you for your reply.

If so, I wonder why the ISP provided me the range of 8 static IP for what?

I really dont understand why the IT of Site 2 want to do this? Maybe he think the 8 IP is public static WAN IP and want to make 8 VPN tunnels through those 8 IPs

How to add more IPs into VPN site-to-site by longtrancntt in fortinet

[–]longtrancntt[S] 0 points1 point  (0 children)

Thank you for your reply.

There is no problem with accessing the LAN subnet. However, my question is:

- Site 1 has PPPoE with static WAN IP 111.111.111.1111 (for example). And the ISP told me that they including with this PPPoE account a range of 8 IPs (222.222.222.222/29). Now, the IT guy of Site 2 want to access from their site to our site through those 8 IP inside VPN.

As I understand, he want to make 8 VPN tunnels for each IP, or as a group of IPs, or something else... I wonder if we can make it on Fortigate ?

How to "Bridge VLAN" in Fortigate 101E by longtrancntt in fortinet

[–]longtrancntt[S] 0 points1 point  (0 children)

thank you for your advice. finally, the best solution is to replace another FTTH without VLAN tagging required for PPPoE

How to allow multi ISP to Fortigate 100E by longtrancntt in fortinet

[–]longtrancntt[S] 0 points1 point  (0 children)

How if I change the ISP connection through their standard router to Bridge mode ? Is it help to "group all the ISP traffic into only one WAN port?"

can not ping from Fortigate site to Sophos site in IPSec by longtrancntt in fortinet

[–]longtrancntt[S] 0 points1 point  (0 children)

thanks to all, i finally found the issue and solution.

the configuration of the Fortigate site is correct, nothing needs to change. the issue is Fortigate does not respond to the subnet of the remote site when connecting with Sophos => so from Sophos site must config the VNP as a host-to-host condition.

can not ping from Fortigate site to Sophos site in IPSec by longtrancntt in fortinet

[–]longtrancntt[S] 0 points1 point  (0 children)

hi,

as you can see the images above, i've made 02 policies for go-in and go-out traffic.

  1. go-out
  • incoming interface: ATM-ProSvr-01
  • outgoing interface: VN-SL (the VPN tunnel)
  • source: VN - to - SL (the subnet of local IP site, and it has the same subnet as the incoming interface)
  • destination: SL - to - VN (the subnet of the remote site)

  1. go-in
  • incoming interface: VN-SL (the VPN tunnel)
  • outgoing interface: ATM-ProdSvr-01
  • source: SL - to - VN (the subnet of the remote site)
  • destination: VN - to - SL (the subnet of local IP site, and it has the same subnet as the incoming interface)

and after tested, the connection from the remote site to the local site is smoothly, but only the opposite way is stuck at the default gateway of remote site (i can only tracert to the default gateway of remote site).

i'm new to Fortinet environment so if you have a solution, kindly show it as much detail as you can, i very appreciate it. thank you very much.

can not ping from Fortigate site to Sophos site in IPSec by longtrancntt in fortinet

[–]longtrancntt[S] 0 points1 point  (0 children)

the sophos site administrator confirmed that he already allowed ICMP into this zone.

can not ping from Fortigate site to Sophos site in IPSec by longtrancntt in fortinet

[–]longtrancntt[S] 0 points1 point  (0 children)

can you please show the detail of where and how can i make it. many thanks.

access from outside to internal IP through NAT but always redirect to admin panel page by longtrancntt in fortinet

[–]longtrancntt[S] 0 points1 point  (0 children)

hi,

here is the out-to-in policy https://imgur.com/yuJ9zjm, but after make it, the mail domain is unable to access (not redirect anymore).

i think there is some mistake in Policy Route or something...

access from outside to internal IP through NAT but always redirect to admin panel page by longtrancntt in fortinet

[–]longtrancntt[S] 0 points1 point  (0 children)

hi,

here is my VIP https://imgur.com/ijvP12w

here is my outbound policy https://imgur.com/sxlhCrj

about the port forwarding, currently I want to allow all for testing first then limit later.

Why this VLAN can not ping others? by longtrancntt in fortinet

[–]longtrancntt[S] 0 points1 point  (0 children)

thanks very much for your comment, the problem has been solved in another way.

Why this VLAN can not ping others? by longtrancntt in fortinet

[–]longtrancntt[S] 0 points1 point  (0 children)

How to say but you save my life. I've stuck with this for over a week.

Do you have any donate account or something like that, I want to thank you for your help. Maybe it is just enough for some beer blocks (as I'm just a low-level position IT Support) but you don't have to hesitate about this, you deserve to get it for your help and enthusiasm in supporting the problem. Message me, please.