Enable Logging
diagnose vpn ike log-filter
diagnose vpn ike log-filter dst-addr4 %PUBLICIPOFDESTINATIONFIREWALLVPN%
diag debug app ike -1
diag debug enable
The logs showed this:
ike 0:VPN_SYD:VPN_MEL: using existing connection
ike 0:VPN_SYD:VPN_MEL: config […]
Tag: VPN
KB5014754: Certificate-based authentication changes on Windows 2012 domain controllers
Customer has 2012 DCs with NPS and the Azure MFA extension for their Cisco Meraki Client VPN. All staff were not able to connect to the VPN from […]
FortiGate SSL VPN can’t access root DNS namespace
Sporadic issues where remote users on the VPN cannot browse the root domain \\domain.local; however, child shares such as \\domain.local\NETLOGON are accessible. Re-configured the VPN to not use […]
Fortigate IPSec Tunnel Dropping
Recently had a site-to-site tunnel randomly drop; the fix was to set npu-offload disable:
config vpn ipsec phase1-interface
edit
set npu-offload disable
end
Fortigate\Fortinet Router Enabling secondary VPN Turn On without any traffic
By default an IPSec tunnel will only come up when traffic is passed through. However, if you enable Auto-Negotiate at both ends it will stay up: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Using-the-IPSec-auto-negotiate-and-keepalive/ta-p/189536
Password Synced to Remote computer without connectivity to Domain Controller after Password Change
Recently had a customer be able to change passwords from Exchange webmail and for the password to sync back to their local computer without having direct access […]
IPSEC Fortigate/Fortinet VPN Config
USE PFS for Phase 2 Auto Neg
2) Add Static Routes on both sides to each other’s Subnets via the VPN Connection Interface created in Step […]
How to Test IP Sec VPN Status on Fortigate HA Secondary Unit
To access the Secondary unit without changing the HA Primary unit, which I would advise against if you are not sure of the VPN status, run the following: execute […]
Meraki VPN AD Auth : “Query the domain controller via WMI”
Meraki’s advice to enable AD authentication for VPN is to create the service account as …. Domain Administrator: https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Active_Directory_Integration This is a big security no-no (in case the account […]
Meraki VPN – The remote connection was denied because the username and password combination – AD Auth
Trying to authenticate a user with their AD credentials and the error displayed: "The remote connection was denied because of the username and password combination". In the Event Log […]