- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Automation Configuration Receive SSL VPN E-mail
I have 60F V.7.2.8 and I'm configuring automation to receive e-mail when the user connects to the SSL VPN and when they leave, but I'm not receiving the e-mails.
Solved! Go to Solution.
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The "Filed Filters" in the Trigger mean to filter out on values in the log, they are NOT there to limit what is included in the mail sent. Remove all the Field Filters in the 1st screenshot, and it will work.
You will use filters if, say, you want to get alerts on a specific user only, ignoring logins of other users.
E.g. fire an email alert to admin@yurisk.info when a user connects to the Fortigate by SSL VPN AND she/he connects from IP address 185.242.6.3 The email alert will contain full body message of the log
Trigger
config system automation-trigger edit "TunnelisUpLog" set event-type event-log set logid 39947 config fields edit 1 set name "remip" set value "185.242.6.3" next end next end
Action:
config system automation-action edit "VPNUpEmail" set action-type email set email-to "admin@yurisk.info" set email-from "fgt@yurisk.info" set email-subject "FGT AWS VPN SSL tunnel is up" next end
Stitch:
config sys automation-stitch edit "VPNTunnelUp" set trigger "TunnelisUpLog" config actions edit 1 set action "VPNUpEmail" set required enable next end next end
If you want to dive into automation stitches, including debug and limitations, look at the stitches collection I wrote: https://github.com/yuriskinfo/Fortinet-tools/tree/main/Fortigate-automation-stitches
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @Marcos_FDS1012 ,
If you are not receiving emails, please follow the below document for the steps to follow when troubleshooting:
https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Email-alert/ta-p/199344
For the "From" field, can you utilize the same domainin your "to" field?
Format, noreply@yourdomain.com
Kind Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I've set up the same domain and it's still not working
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The first two steps are ok
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I can do all the pinging but no email arrives
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @Marcos_FDS1012 ,
Thank you for confirming connectivity. Can you test by changing the email server port? In addition, can you collect the alert mail debugs as referenced in the first article?
Kind Regards,
Created on ‎07-16-2024 12:15 PM Edited on ‎07-16-2024 12:16 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm using the default configuration, I don't know which port to change. I'm just starting to use this firewall and I don't know how to find the error.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The "Filed Filters" in the Trigger mean to filter out on values in the log, they are NOT there to limit what is included in the mail sent. Remove all the Field Filters in the 1st screenshot, and it will work.
You will use filters if, say, you want to get alerts on a specific user only, ignoring logins of other users.
E.g. fire an email alert to admin@yurisk.info when a user connects to the Fortigate by SSL VPN AND she/he connects from IP address 185.242.6.3 The email alert will contain full body message of the log
Trigger
config system automation-trigger edit "TunnelisUpLog" set event-type event-log set logid 39947 config fields edit 1 set name "remip" set value "185.242.6.3" next end next end
Action:
config system automation-action edit "VPNUpEmail" set action-type email set email-to "admin@yurisk.info" set email-from "fgt@yurisk.info" set email-subject "FGT AWS VPN SSL tunnel is up" next end
Stitch:
config sys automation-stitch edit "VPNTunnelUp" set trigger "TunnelisUpLog" config actions edit 1 set action "VPNUpEmail" set required enable next end next end
If you want to dive into automation stitches, including debug and limitations, look at the stitches collection I wrote: https://github.com/yuriskinfo/Fortinet-tools/tree/main/Fortigate-automation-stitches
Created on ‎07-17-2024 03:47 AM Edited on ‎07-17-2024 03:58 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello ,
Now I'm receiving the e-mail, but how do I set it up to receive information from the user who is logged in?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
I managed to make it work thanks for your help
