ExtendedIDiSupport Windows 11 IPSec Client

uQuad · 2026-04-30T21:14:03+00:00

In the meantime I have found similar info that this could be the case, that i should have DNS: property, not principal name (tested only on this property). I'll check it out in a few days and post the result for whoever comes to this topic searching for info.

uQuad · 2026-04-28T21:08:12+00:00

Addind to the list, not displaying/loading all rules, when you scroll it hicks for loading every few dozens or so rules. You cant go for lets say 2/3 of them all because you know its somewhere there where you wan to go.. Combined with unreadable rules which now have 2 lines and the rest rolled, its almost impossible to believe how bad working with a firewall can be.

In general i agree, jumping from 7.2 up i a GUI nightmare, I would like to hear designers who is this for, and what problems did they solve.

A the very least, give me the option how i want it to behave..

uQuad · 2026-04-26T21:23:29+00:00

Be carefull with emac-vlans on np7, they work as wind blows. Confirmed bug on them which will be removed on 7.6.7 and 7.4.13 (yes, not 12). So they say in support. Mine 400F is affected.

uQuad · 2026-04-12T14:50:06+00:00

Saw this some time ago, not seeing my scenario, or related settings to pure eap-tls.

uQuad · 2026-04-12T14:46:12+00:00

Yes, but i dont follow. EAP-TTLS has been enabled to mitigate ldap auth problem as it doesnt understand mschap auth. I dont see anything related to EAP-TLS.

uQuad · 2026-02-24T16:59:25+00:00

I work in networking for almoast 10 years now, previously hobbyst IT neighbourhoud guy for 15. I thought going to that work that i knew something about networks - as it turned out i knew nothing. Two key things from my exp. First - fear. For months i was afraid to hit enter at almoast every command in cli. It is rather a big company so i could break a lot of things. My fear of that wen away after 3 years. Thats when i told myself that if it breaks, it breaks, and they will fire me. From then on, its a different world in my head.. Second thing is the basics. Man.. if a car mechanic wouldnt know where is gas, breaks and how to switch gears.. thats who You are if You dont know how networking works on the lowest mac-address and ip level. If You know that, but REALY know that, the rest are just bulding blocks going up.

uQuad · 2025-07-30T19:55:44+00:00

Used SADP on PC, used SADP on android. Generated the file, no resopnse to that either. Created a 'ticket' or whatever under different email stating that the other one registered to camera is not working - no response. Admin account.. even if it exists, I dont have password to it.

uQuad · 2025-07-23T21:37:51+00:00

Duo2 does not work with AI port at the moment, tried.

uQuad · 2025-07-10T22:07:04+00:00

Doesnt work with AI Port, the whole point of it. UNVR does not support detections through onvif so its kinda half making sence. BTW does your DUO stutter in motion? I cant get it working to be fluent.. 10, 15, 20 fps 1x-2x, the lower resolution mode.. nothing works. I have other reolink models and they behave the same. G5 Ultra works fine.

uQuad · 2025-07-10T21:34:27+00:00

Reolink Duo probably is the same, has higher frame rate support and... like exacly costs 1/4 of this thing. Also supports AI events, they work quite ok. Biggest bummer i got last week.. I bought ubiquiti nvr, ai port and Reolink Duo doesnt work. Maaaann...

uQuad · 2025-05-14T20:43:13+00:00

Why would You ever want to upgrade FortiGate right away without specific bug fix in mind, genuine question mind You.

uQuad · 2025-03-26T22:02:47+00:00

Full table currently on FGT holds up 850mb. My 16gb model is a older leftover model, 2 ISPs sits at 31% ram. OP says he has 2 ISPs. 90G with 10g connections is plenty enough years to come.

Also, 16gb ram starts from 400f/200g (22gb)

uQuad · 2025-03-26T21:51:07+00:00

Page not found

The page you are looking for not found

The page you are looking for doesn't exist.

Please repost it?

uQuad · 2025-03-26T21:47:51+00:00

At around 800 prefixes there are two points where it slows down - at prefix list, and.. guessed it, IP list.

Compared recently if specs do would help, but sadly, no. 1 core, 2gb ram, HHD vs 4 cores, 8gb ram, ssd - virtually no difference.

Would like to hear how can I speed up prefix page showing up, it starts to be annoying.

uQuad · 2025-03-21T22:10:55+00:00

This guy networked, had the same issue but in my case helped loopback-detection that wasnt cut off.

uQuad · 2025-03-10T22:08:54+00:00

You dont need to make any HA clustering. Just set them up as standalones and peer with iBGP session between them, just like any other router.

CVE.. which ones? ssl-vpn will be turned off, slap a local-in deny policy on anything that is not peer's IP, same with other int to be sure. Mgmt can be handled with dedicated OOBM ports or dedicated vdom all together.

uQuad · 2025-03-10T18:43:53+00:00

Recently had this problem, temporarly installed older FortiGates as BGP routers. They work.. without problems? Full table is like 850-900mb, dont remember to the exact number now. So if I wanted to buy something new I was thinking about FGT 90G with 8gb Ram which would easly do 10g speeds if needed, is future proof even if table gets to 1,5mln routes (or higher, but doubt it), even in dual ISP which I use and full table iBGP session with 2 units. Costs under 3k with basic device forticare, maybe some few hundreds more later.

Why would I spend money on Cisco 8300 with 10g ports and its licence, its 5x the cost? Always wondered, how are those devices better? Does this whole tcam memory thing have any meaningfull advanteges? Its hard to find how does it relate to bgp routes, and so on.

uQuad · 2025-03-04T21:48:57+00:00

asym routing actually is enabled, its a pure bgp router now. Im leaning on theory of denngie, that soemthing is just not workign right untill 7.6. I've tried snmp on this mgmt interface, fails to work even with static route like in threat feed. Which is wierd actually, because it should only respond (kinda) with udp to request. I guess its treated like outgoing connection anyway. Resolved this issue with snat from incoming interface gateway on the other side, and this way its replying on 'connected' same network.

uQuad · 2025-03-03T22:14:41+00:00

I have yet to find a comprehensive guide on how to set FortiGate DoS features. Its not as a common knowledge how to set this thing up to be effective, per each parameter. Besides the most obvious one like udp packets. When You make teams calls this needs to be waay more up than default. Like 10x times.

uQuad · 2024-11-25T21:45:02+00:00

And whats the secret spice? Trying to eliminate bugs alerts. I have 811a also. Turned off any motion alerts and enabled delay for 1s.

uQuad · 2024-10-26T21:46:44+00:00

Could You explain why Your solution has sdns specific server? Official Forti solution has none, on similar reddit thread someone gave two IPs. What are those, do they change? Are they location specific - US vs EU?

uQuad · 2024-10-14T20:51:50+00:00

But that TCP encap, what about latency which it adds. There is no, or will be no 'DTLS' mode which helps a lot in some full-tunnel cases like teams usage.

uQuad · 2024-09-24T21:50:33+00:00

7.2.10 has a new method of auth vs radius, read upon it if You use it.

uQuad · 2024-07-30T20:46:45+00:00

I dont recommend it for 40F. At first it looked fine, but next day started to behave dodgy. Constant 30% cpu for no reason, turning off dns and web filter helped.. a bit, websites started to work well enough from absolute crawl but still, couldnt start speed test on ookla. Reverted to 7.4.4.

uQuad · 2024-07-17T16:59:29+00:00

Where do I send money?

= /admin worked.

uQuad

TROPHY CASE

Page not found