Description
This article describes how to configure email alerts for security profile, administrative, and VPN events.
Scope
FortiGate.
Solution
From GUI.
Configure a mail service.
By default, it will be using the mail server of Fortinet and can be customized by enabling the custom settings under System -> Settings -> Email Service.
To configure alert email.
Go to Log & Report and enable 'Email Alert Settings'. Enable required events for alert mail. On FortiOS 6.4.0 and above, 'Email Alert Settings' is removed from the GUI. It can be configured with the 'config alertemail setting' command as shown below.
Go to Log & Report and enable 'Email Alert Settings'. Enable required events for alert mail. On FortiOS 6.4.0 and above, 'Email Alert Settings' is removed from the GUI. It can be configured with the 'config alertemail setting' command as shown below.
From CLI.
- To configure the default email server (notification.fortinet.net):
config system email-server
set server "notification.fortinet.net"
set reply-to "admin@fortinet.com" <--- Email address which is used to send email.
set source-ip 0.0.0.0 <----- This is an important field to set (source IP which is used to send out the email traffic).
set port 465
set security smtps
end
set server "notification.fortinet.net"
set reply-to "admin@fortinet.com" <--- Email address which is used to send email.
set source-ip 0.0.0.0 <----- This is an important field to set (source IP which is used to send out the email traffic).
set port 465
set security smtps
end
If there is no response from the server, change the outgoing interface.
config system email-server
set interface-select-method specify
set interface port1====== specify the outgoing interface
end
auto --> Set outgoing interface automatically.
sdwan --> Set outgoing interface by SD-WAN or policy routing rules.
specify --> Set outgoing interface manually.
- To configure a custom email service in the CLI.
config system email-server
set type custom
set reply-to "helpdesk@fortinet.com"
set server "smtp.office365.com"
set port 587
set source-ip 0.0.0.0 <----- This is an important field to set (source IP which is used to send out the email traffic).
set source-ip6 ::
set authenticate enable
set validate-server disable
set username "example@domain.it"
set security starttls
set ssl-min-proto-version default
end
set type custom
set reply-to "helpdesk@fortinet.com"
set server "smtp.office365.com"
set port 587
set source-ip 0.0.0.0 <----- This is an important field to set (source IP which is used to send out the email traffic).
set source-ip6 ::
set authenticate enable
set validate-server disable
set username "example@domain.it"
set security starttls
set ssl-min-proto-version default
end
Note: From FortiOS 6.4.10, 7.0.8, 7.2.0, and above, the ‘reply-to’ option is only configurable when using a custom SMTP Server. It will not be available when using the default SMTP server 'notification.fortinet.net'.
- To configure 'Email Alert Settings'.
config alertemail setting
set username "test@example.com"
set mailto1 "test@example.com"
set HA-logs enable
set IPsec-errors-logs enable
set PPP-errors-logs enable
set sslvpn-authentication-errors-logs enable
set configuration-changes-logs enable
end
set username "test@example.com"
set mailto1 "test@example.com"
set HA-logs enable
set IPsec-errors-logs enable
set PPP-errors-logs enable
set sslvpn-authentication-errors-logs enable
set configuration-changes-logs enable
end
After the settings are completed, a test email can be triggered to test the settings:
diagnose log alertmail test
If the issue persists, it is possible to collect the below debug:
To collect the debug for email alert :
diag debug reset
diag debug enable
diag debug console timestamp enable
diag debug application alertmail -1
Send a test activation mail:
diagnose log alertmail test
Then disable debug:
diag debug disable
diag debug reset
Save the output either download it via the CLI window or use the Putty tool to log them, to attach the debug logs to the case for TAC review.
Note:
If 'username' and 'mailto' are set on the same domain name, the email cannot be received. They must be on different domain names.
Related articles:
Technical Tip: How to configure SMTP using custom server and port on FortiGate
