Are you running FortiOS 6.2.x and your Web Filter Overrides suddenly stopped working? Then read ahead.
FortiOS 6.2: IPS Engine Update affects behaviour of Web Filter Overrides
FortiGate SSLVPN Update-Empfehlung
Update, Nov 2020: More than a year after Fortinet described this SSLVPN vulnerability, it gets new attention. A few days ago a list of IPs and domain names of vulnerable Fortigates was published. This list is dated November 2019 and one can only hope that many of these systems have…
FortiClient and macOS Big Sur – SSL top, IPsec flop
Spoiler Alert! – Since the release of macOS 11.0 aka Big Sur, your FortiClient VPN might not be working as expected anymore if you have already upgraded. There’s a chance you might not have noticed it, in the case that you’re using SSL VPN only in your environment. But as…
CheatSheet – FortiOS v6.4
The System Engineers of BOLL Engineering have been supporting Fortigate devices for 18 years. This year, FortiOS v6.4 was released and we have again gathered all the troubleshooting commands that we use regularly in our new CheatSheet. Hopefully this CheatSheet will help you as well. You will find the most…
Fortigate VM Azure: IPsec performance issue
Based on two recent support cases regarding the IPsec performance between an OnPrem and Azure FortiGate, we did some testing using the latest FortiOS 6.4.1. We’ve created a basic IPsec tunnel using the wizard, deployed an Ubuntu machine at both sites and used iPerf3 to do some speed testing. The…
FortiClient/PaloAlto Support for Catalina – “legacy system extensions” error
Since a while, the most recent macOS versions the system do report the use of “legacy system extensions” which is often triggered by modules or plugins of low-level software like VPN Clients, AV software etc.
FortiAP and VLAN ID 97 or 98
Did you know, that on the FortiAP FAP-C24JE, the VLAN ID’s 898 and 899 are reserved for system use? Or that the FortiAP models FAP-S221E, FAP-S223E, FAP-221E, FAP-222E, FAP-223E and FAP-224E can not work with VLAN ID 97 and 98? I’m sure you already guessed it: These ID’s are reserved…
Upgrade your FortiMail now!
There seems to be a vulnerarbility in some FortiMail versions, that allow an unauthenticated remote attacker to access the system by requesting a password change. Please refer to the FortiGuard PSIRT article. The problem here is not only the unauthorized access to the system, but also the change of the…
Websites are not working anymore
Since June 1st you may notice that some websites (https) are not working anymore when Fortigate or the Palo Alto Networks Firewall is doing decryption or certificate inspection. Typically you are getting one of the following error messages:
Troubleshooting FortiGate SSLVPN Problems
Last Update: 21. July 2025 Configuring SSLVPN with FortiGate and FortiClient is pretty easy. Nevertheless problems may occur while establishing or using the SSLVPN connection.
