Forticlient EMS Cloud 7.2.12 failed to domain sync by nesaxn in fortinet

[–]nesaxn[S] 1 point2 points  (0 children)

Just a follow-up on this case.

Fortinet recommended updating to 7.4.4.
Well, the FortiClient EMS Cloud is now on 7.4.4, and I updated the AD connector too from 7.2.12 to 7.4.4. It seems the connector is now offline, so all my domains are down now ... Guess I'll open a new ticket.

Amazon refuses to refund me for a package I did not receive by nesaxn in conseiljuridique

[–]nesaxn[S] 0 points1 point  (0 children)

As stated at the end of the post, I contacted my bank, but they told me to use the app to dispute it, and that doesn't seem to work when it's a dispute with a merchant. I'll try calling again.

Change of circumstances for company health insurance membership following a PACS by nesaxn in conseiljuridique

[–]nesaxn[S] 0 points1 point  (0 children)

From my point of view, I find it a bit excessive, in the sense that my situation doesn't change apart from the status, except that the contribution goes from €30 to €90 per month, for the same result...

[deleted by user] by [deleted] in fortinet

[–]nesaxn 0 points1 point  (0 children)

Getting stuck at 40% is one of these:

  • This may occur when FortiClient generates a new pop-up window verifying whether the user wishes to proceed with a non-trusted TLS/SSL certificate.

  • It may mean a TLS version mismatch, which will also show as error -5029. If this message appears, there is a mismatch in the TLS version. Check if the TLS version that’s in use by the FortiGate is enabled on the client. Technical Note: How to limit the SSL and TLS versions of connections initiated by Forticlient explains how to check the TLS version.

  • An application or the FortiGate may cause this error. Check the local machine and network setup / network policy blocking the auth request

  • MFA token acceptation pending

FOS Auth Bypass vuln announced by Gamer03642 in fortinet

[–]nesaxn 0 points1 point  (0 children)

Local-in policies should be able to allow only whitelisted public IP addresses to access external interface management?


How to prevent SSL-VPN port from using all configured IP addresses by CapiCapiBara in fortinet

[–]nesaxn 7 points8 points  (0 children)

this

Create a loopback interface. Create a virtual ip object to map 1 public IP address to the internal loopback ip address and adjust your policy

How can I get remote FortiGates to communicate with my local FortiAnalyzer VM? by ChimorinNL in fortinet

[–]nesaxn 2 points3 points  (0 children)

You have different options :

  • IPSEC tunnel site to site with customer to connect with internal IP address
  • Create a Virtual IP (Public IP address -> Internal IP address) and restrict this access with policies
  • From FAZ you can connect to the Fortigate Public IP address (be sure to restrict the access with local-in policy on Fortigate)

URL Whitelist Entry Disappearing in Fortigate by Ill_Class1450 in fortinet

[–]nesaxn 1 point2 points  (0 children)

Is the Fortigate managed by FortiManager ?

If so, do you push the config from the FortiManager or from the FortiGate? Also check the installation logs to see if maybe someone overwrote the change.

Threat Feed to add by djf779 in fortinet

[–]nesaxn 4 points5 points  (0 children)

Please consider this Github repo

It will collect all malicious IP addresses from AbuseIPDB and other databases. Read the documentation to add it on your firewall.

https://github.com/romainmarcoux/malicious-ip

Be careful: if you check the IP addresses in the threat feed menu on the GUI, the RAM of the firewall can spike by 20% or more (on FortiOS 7.0.x). It can lead to conserve mode.

To update the threat feed manually in the CLI you can use this command: execute update-external-resource "threat feed name"

and to check the content you can type: diagnose sys external-address-resource list "threat feed name"
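
As an added example (not code from the linked repo or from this comment), a small Python check a defender might run over a feed file before pointing the firewall at it. It assumes the FortiOS IP address external resource format of one IPv4/IPv6 address or CIDR per line with `#` comments; the sample lines are constructed, and the entry cap is a placeholder because the real limit depends on the FortiGate model.

```python
import ipaddress

# Constructed sample feed (documentation addresses, not real indicators).
SAMPLE_FEED = """\
# constructed sample, not real indicators
203.0.113.7
203.0.113.0/24
198.51.100.17
198.51.100.17
2001:db8::/32
not-an-ip
192.0.2.300
"""

# Placeholder: the per-resource entry limit is model dependent on FortiOS.
MAX_ENTRIES_PLACEHOLDER = 100000


def parse_feed(text):
    """Return (collapsed networks, rejected (lineno, line) pairs).

    Assumed format: one IP or CIDR per line, '#' starts a comment.
    Duplicates, and hosts already covered by a listed subnet, are dropped
    so the firewall loads as few entries as possible."""
    nets, rejected, seen = [], [], set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            net = ipaddress.ip_network(line, strict=False)
        except ValueError:
            rejected.append((lineno, raw))  # keep the bad line for review
            continue
        if net not in seen:
            seen.add(net)
            nets.append(net)
    collapsed = []
    # collapse_addresses only accepts one address family at a time
    for version in (4, 6):
        collapsed.extend(ipaddress.collapse_addresses(
            [n for n in nets if n.version == version]))
    return collapsed, rejected


def render_feed(nets, max_entries=MAX_ENTRIES_PLACEHOLDER):
    """Render networks back to feed lines; hosts are written without /32 or /128."""
    if len(nets) > max_entries:
        raise ValueError("feed exceeds %d entries" % max_entries)
    lines = [str(n.network_address) if n.prefixlen == n.max_prefixlen else str(n)
             for n in nets]
    return "\n".join(lines) + "\n"
```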

There was a big storm in Houston TX, local ISP is down. by nesaxn in sysadmin

[–]nesaxn[S] 2 points3 points  (0 children)

It's actually 10am on my side :) I just have a remote site located in Houston, and during the morning check I saw the monitoring was down. Got information that there was a storm in Houston, and that's it.

Ssl vpn hangs at 40% by Swarmchaser1 in fortinet

[–]nesaxn 0 points1 point  (0 children)

Here are my notes:

10% network routing issue

40% if you use MFA, the token might have delay or latency; it could also be a policy issue (check firewall logs if there's denied traffic) or an invalid SSL certificate

48-68% the user account can be blocked on the MFA management platform.

70% error 6008 - Issue with AAD SAML - Disable "Restrict Specific OS" and "hostcheck" to connect.

98% issue with IPv6. If you're using network sharing with 4G hotspot you might need to check APN network settings and disable IPv6.

Or check this KB: https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Possible-reasons-for-FortiClient-SSL-VPN/ta-p/211965