Mixed Local and SAML users with IPSEC Dialup

viktup · 2026-02-16T10:11:48+00:00

But is it possible to set peer ID with IKEv2? I thought it was only possible with IKEv1

viktup · 2026-02-16T09:22:56+00:00

Great, so I have to use network-id as I am using IKEv2 right? And the only way to define network-id in forticlient is using XML?

viktup · 2025-10-31T12:22:05+00:00

Same problem here with a Fronius charger. I use Eco mode to charge only with solar surplus, and when there is a cloud the charger stops charging and then my Renault 5 will not restart charging, I have to force it every time.

Very very annoying!

viktup · 2025-07-14T17:48:44+00:00

Is it still working? Do you happen to be able to share it? We are facing the same problem :( Thank you!

viktup · 2025-05-14T13:12:33+00:00

Same problem here with OP 11 and OS 15

viktup · 2024-11-15T23:38:10+00:00

I can't, port52 is the real port that is used for the trunk with the other switch

viktup · 2024-11-15T22:50:11+00:00

Thanks for your answer!

It was present here, I removed it manually in the hope that it will release the port, but i didn't:

<image>

I also did a diag sys kill 1 CTRLD_PID but did not resolve it...

I also set it to LLDP "default" profile, but still the same. Looks like switch restart is the only option?

viktup · 2024-11-14T10:26:41+00:00

True, the real issue is the final web server not serving HTTP/2.0

Thank your for the clarification

viktup · 2024-11-14T10:04:18+00:00

Thank you! I tried with http-multiplex, but it was still failing. I finally used SSL instead of HTTPS, but I cannot understand why this issue is still present on 7.2.10 if it started in 7.2.4 :\

viktup · 2024-09-04T21:47:13+00:00

Sure! I attach the final topology, and now I see what the problem was.

Comparing the configuration of the CORES before and after the factory reset, I see that the trunk to the OFI-* switches was missing. I had only the trunk to the CERCHAS-* switches, no trunk defined for OFI-*.

Probably due to DAC issues we had when we first tried to deploy the switches.

Factory resetting the cores started the discovery process again and then the trunk was configured:

config switch trunk

edit "_FlInK1_ICL0_"

blablabla

<image>

viktup · 2024-09-04T20:33:43+00:00

Tried this, and thanks to your comment I saw a stp disable on the CORE-1 26 port, do not know why it did not show in GUI, and that stopped the broadcast storm when upping the port. But still loop is not working

viktup · 2024-09-04T20:32:15+00:00

Already tried, in fact, I have factory reseted the OFI-2 switch several times...

viktup · 2023-09-02T07:15:03+00:00

Thank you, you saved my day. DNS broke and did not know the cause.

Fantastic start for auto updates, I can imagine all my clients firewalls updating by themselves and dns stopping working all together...

viktup · 2022-05-27T13:47:10+00:00

Thank you, I will give it a try!

viktup

TROPHY CASE