Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Marcos_FDS1012
Contributor

Created on ‎07-16-2024 08:10 AM

Automation Configuration Receive SSL VPN E-mail

I have 60F V.7.2.8 and I'm configuring automation to receive e-mail when the user connects to the SSL VPN and when they leave, but I'm not receiving the e-mails.Captura de tela 2024-07-16 120454.pngCaptura de tela 2024-07-16 120546.pngCaptura de tela 2024-07-16 120650.png

Labels:
1875
0 Kudos
2 Solutions
Yurisk
SuperUser
SuperUser

Created on ‎07-17-2024 02:13 AM Edited on ‎07-17-2024 02:13 AM

The "Filed Filters" in the Trigger mean to filter out on values in the log, they are NOT there to limit what is included in the mail sent. Remove all the Field Filters in the 1st screenshot, and it will work.

 

You will use filters if, say, you want to get alerts on a specific user only, ignoring logins of other users. 

 

E.g. fire an email alert to admin@yurisk.info when a user connects to the Fortigate by SSL VPN AND she/he connects from IP address 185.242.6.3 The email alert will contain full body message of the log

 

  • Trigger

config system automation-trigger
    edit "TunnelisUpLog"
        set event-type event-log
        set logid 39947
        config fields
            edit 1
                set name "remip"
                set value "185.242.6.3"
            next
        end
    next
end

 

  • Action:

config system automation-action
    edit "VPNUpEmail"
        set action-type email
        set email-to "admin@yurisk.info"
        set email-from "fgt@yurisk.info"
        set email-subject "FGT AWS VPN SSL tunnel is up"
    next
end

 

  • Stitch:

config sys automation-stitch
    edit "VPNTunnelUp"
        set trigger "TunnelisUpLog"
        config actions
            edit 1
                set action "VPNUpEmail"
                set required enable
            next
        end
    next
end

 

 

If you want to dive into automation stitches, including debug and limitations, look at the stitches collection I wrote: https://github.com/yuriskinfo/Fortinet-tools/tree/main/Fortigate-automation-stitches 

 

Yuri Slobodyanyuk

View solution in original post

Yuri Slobodyanyuk
1728
Marcos_FDS1012
Contributor
In response to Marcos_FDS1012

Created on ‎07-17-2024 06:01 AM

Hello,

I managed to make it work thanks for your help

View solution in original post

1688
10 REPLIES 10
Quint021
Staff
Staff

Created on ‎07-16-2024 08:16 AM

Hello @Marcos_FDS1012 ,

If you are not receiving emails, please follow the below document for the steps to follow when troubleshooting:

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Email-alert/ta-p/199344
For the "From" field, can you utilize the same domainin your "to" field?
Format, noreply@yourdomain.com 

Kind Regards, 

1619
Marcos_FDS1012
Contributor
In response to Quint021

Created on ‎07-16-2024 08:18 AM

I've set up the same domain and it's still not working

1617
0 Kudos
Marcos_FDS1012
Contributor
In response to Quint021

Created on ‎07-16-2024 08:22 AM

 

The first two steps are ok

Captura de tela 2024-07-16 122156.png

 

 

1614
0 Kudos
Marcos_FDS1012
Contributor
In response to Marcos_FDS1012

Created on ‎07-16-2024 12:05 PM

I can do all the pinging but no email arrives

1565
0 Kudos
Quint021
Staff
Staff

Created on ‎07-16-2024 12:07 PM

Hello @Marcos_FDS1012 ,

Thank you for confirming connectivity. Can you test by changing the email server port? In addition, can you collect the alert mail debugs as referenced in the first article?

Kind Regards,

1562
Marcos_FDS1012
Contributor
In response to Quint021

Created on ‎07-16-2024 12:15 PM Edited on ‎07-16-2024 12:16 PM

Captura de tela 2024-07-16 161212.pngI'm using the default configuration, I don't know which port to change. I'm just starting to use this firewall and I don't know how to find the error.

1559
0 Kudos
Yurisk
SuperUser
SuperUser

Created on ‎07-17-2024 02:13 AM Edited on ‎07-17-2024 02:13 AM

The "Filed Filters" in the Trigger mean to filter out on values in the log, they are NOT there to limit what is included in the mail sent. Remove all the Field Filters in the 1st screenshot, and it will work.

 

You will use filters if, say, you want to get alerts on a specific user only, ignoring logins of other users. 

 

E.g. fire an email alert to admin@yurisk.info when a user connects to the Fortigate by SSL VPN AND she/he connects from IP address 185.242.6.3 The email alert will contain full body message of the log

 

  • Trigger

config system automation-trigger
    edit "TunnelisUpLog"
        set event-type event-log
        set logid 39947
        config fields
            edit 1
                set name "remip"
                set value "185.242.6.3"
            next
        end
    next
end

 

  • Action:

config system automation-action
    edit "VPNUpEmail"
        set action-type email
        set email-to "admin@yurisk.info"
        set email-from "fgt@yurisk.info"
        set email-subject "FGT AWS VPN SSL tunnel is up"
    next
end

 

  • Stitch:

config sys automation-stitch
    edit "VPNTunnelUp"
        set trigger "TunnelisUpLog"
        config actions
            edit 1
                set action "VPNUpEmail"
                set required enable
            next
        end
    next
end

 

 

If you want to dive into automation stitches, including debug and limitations, look at the stitches collection I wrote: https://github.com/yuriskinfo/Fortinet-tools/tree/main/Fortigate-automation-stitches 

 

Yuri Slobodyanyuk
Yuri Slobodyanyuk
1729
Marcos_FDS1012
Contributor
In response to Yurisk

Created on ‎07-17-2024 03:47 AM Edited on ‎07-17-2024 03:58 AM

Hello ,

Now I'm receiving the e-mail, but how do I set it up to receive information from the user who is logged in?

 

Captura de tela 2024-07-17 075744.png

1459
0 Kudos
Marcos_FDS1012
Contributor
In response to Marcos_FDS1012

Created on ‎07-17-2024 06:01 AM

Hello,

I managed to make it work thanks for your help

1689
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.