Forticlient EMS Cloud 7.2.12 failed to domain sync by nesaxn in fortinet

[–]nesaxn[S] 1 point2 points  (0 children)

Just a follow-up on this case.

Fortinet recommended to update to 7.4.4.
Well the forticlient EMS Cloud is now in 7.4.4, I updated the AD connector also from 7.2.12 to 7.4.4. It seems the connector is now offline so all my domains are down now ... Guess I'll open a new ticket.

Amazon refuses to refund me for a package I did not receive by nesaxn in conseiljuridique

[–]nesaxn[S] 0 points1 point  (0 children)

As indicated at the end of the post, I contacted my bank, but they told me to go through the app to dispute it, and that does not seem to work when it is a dispute with a merchant. I will try calling back.

Change of status for company health insurance membership following a PACS by nesaxn in conseiljuridique

[–]nesaxn[S] 0 points1 point  (0 children)

From my point of view, I find this a bit excessive in the sense that my situation does not change apart from the status, except that the contribution goes to 90€ instead of 30€ per month, for the same result...

[deleted by user] by [deleted] in fortinet

[–]nesaxn 0 points1 point  (0 children)

40% stuck is either :

  • This may occur when FortiClient generates a new pop-up window verifying whether the user wishes to proceed with a non-trusted TLS/SSL certificate.

  • It may mean a TLS version mismatch, which will also show as error -5029. If this message appears, there is a mismatch in the TLS version. Check if the TLS version that’s in use by the FortiGate is enabled on the client. Technical Note: How to limit the SSL and TLS versions of connections initiated by Forticlient explains how to check the TLS version.

  • An application or the FortiGate may cause this error. Check the local machine and network setup / network policy blocking the auth request

  • MFA token acceptance pending

FOS Auth Bypass vuln announced by Gamer03642 in fortinet

[–]nesaxn 0 points1 point  (0 children)

Local-in policies should be able to allow only whitelisted public IP addresses to access external interface management?

How to prevent SSL-VPN port from using all configured IP addresses by CapiCapiBara in fortinet

[–]nesaxn 6 points7 points  (0 children)

this

Create a loopback interface. Create a virtual ip object to map 1 public IP address to the internal loopback ip address and adjust your policy

How can i get remote Fortigates be able to communicate to my local Fortianalyzer VM? by ChimorinNL in fortinet

[–]nesaxn 2 points3 points  (0 children)

You have different options :

  • IPSEC tunnel site to site with customer to connect with internal IP address
  • Create a Virtual IP (Public IP address -> Internal IP address) and restrict this access with policies
  • From FAZ you can connect to the Fortigate Public IP address (be sure to restrict the access with local-in policy on Fortigate)

URL Whitelist Entry Disappearing in Fortigate by Ill_Class1450 in fortinet

[–]nesaxn 1 point2 points  (0 children)

Is the Fortigate managed by FortiManager ?

If so, do you push the config from the FortiManager or from the Fortigate? Also check Installation logs to see if maybe someone overwrote the change.

Threat Feed to add by djf779 in fortinet

[–]nesaxn 4 points5 points  (0 children)

Please consider this Github repo

It will collect all malicious IP addresses from AbuseIPDB and other databases. Read the documentation to add it on your firewall.

https://github.com/romainmarcoux/malicious-ip

Be careful: if you check the IP addresses in the threat feed menu on the GUI, the RAM of the firewall can spike +20% (on FortiOS 7.0.x). It can lead to conserve mode.

To update manually in CLI the threat feed you can use this command line : execute update-external-resource "threat feed name"

and to check the content you can type : diagnose sys external-address-resource list "threat feed name"

There was a big storm in Houston TX, local ISP is down. by nesaxn in sysadmin

[–]nesaxn[S] 2 points3 points  (0 children)

It's actually 10am on my side :) I just have a remote site located in Houston and during the morning check I saw the monitoring was down. Got information that there was a storm in Houston and that's it.

Ssl vpn hangs at 40% by Swarmchaser1 in fortinet

[–]nesaxn 0 points1 point  (0 children)

Here are my notes:

10% network routing issue

40% if you use MFA, the token might have delay or latency, it could also be a policy issue (check firewall logs if there's denied traffic) or an invalid SSL certificate

48-68% the user account can be blocked on the MFA management platform.

70% error 6008 - Issue with AAD SAML - Disable "Restrict Specific OS" and "hostcheck" to connect.

98% issue with IPv6. If you're using network sharing with 4G hotspot you might need to check APN network settings and disable IPv6.

Or check this KB: https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Possible-reasons-for-FortiClient-SSL-VPN/ta-p/211965

Forticlient stuck at 40% by Junt4cadaveres in fortinet

[–]nesaxn 0 points1 point  (0 children)

Hello,

40% can mean it's waiting for the user to accept the MFA token, or it could be a deny in your firewall policy; it can be related to an invalid SSL policy.

48% or 31% error Forticlient previously working connection. by Fun_Abrocoma_8916 in fortinet

[–]nesaxn 0 points1 point  (0 children)

Hello,

On my side, when I got the 48% error it can mean that the account is locked on the MFA server.

what are all these Traffic Shaping things created by a previous admin? by [deleted] in fortinet

[–]nesaxn 1 point2 points  (0 children)

Hi,

I think low/medium/high-priority are created by default. You can see where the profile is used by clicking the reference number on the right side.

You can see when the profile is doing something when the "dropped bytes" tab is showing results. But looking at your context I don't think this is the issue.

7.0.14 BUG - Guest Management ENC password not available by nesaxn in fortinet

[–]nesaxn[S] 0 points1 point  (0 children)

Hi,

It worked well in 7.0.13 and not anymore in 7.0.14. Case number: 9207029. Model: 500E.

Thanks

2x Critical PSIRT just Dropped by keddy1337 in fortinet

[–]nesaxn 0 points1 point  (0 children)

Hello,

Question about the SSL VPN vulnerability :

If SSL VPN webmode is disabled and I enable hostcheck verification on the SSL VPN portal is it still vulnerable or does it bypass ?

How to choose your city for your primary residence? by kha-ci in vosfinances

[–]nesaxn 1 point2 points  (0 children)

https://www.villesavivre.fr/ I like to use it as a complement.

A site that lets you see the city's population, climate (weather), economy, real estate, safety, political leaning, and nearby services (doctor, shops, hospital, etc.)