Hi
I have a fg201e run fortiOS 6.4.13 and set to send mail when IPS event happen.
But we didn't received any mail,so we follow the Troubleshooting Tip: Email alert to check what happend
And here is the debug result and config about email-server
==================================Config========================================
fg201 (email-server) # show
config system email-server
set server "notification.fortinet.net"
set port 465
set security smtps
end
================================Debug log=======================================
fg201 (root) # diag debug reset
fg201 (root) # diag debug enable
fg201 (root) # diag debug console timestamp enable
fg201 (root) # diag debug application alertmail -1
Debug messages will be on for 30 minutes.
fg201 (root) # diagnose log alertmail test
2023-12-20 15:23:32
fg201 (root) # 2023-12-20 15:23:32 mail_info:
from:notification.fortinet.net user:fg200E@joybomb.office
2023-12-20 15:23:32 mail_info:
reverse path:fg200E@joybomb.office
user name:fg200E
2023-12-20 15:23:32 to[0]:user@company.com
2023-12-20 15:23:32 to[1]:
2023-12-20 15:23:32 to[2]:
2023-12-20 15:23:32 <==_init_mail_info
2023-12-20 15:23:32 create session
2023-12-20 15:23:32 resolve notification.fortinet.net to 1 IP
2023-12-20 15:23:32 ==> send mail
2023-12-20 15:23:32 connecting to 208.91.114.151 port 465
2023-12-20 15:23:32 send mail 0x15d44b50 session 0x15d41110
2023-12-20 15:24:14 failed to connect
2023-12-20 15:24:14 session_io_event: creating ssl structure for session 0x15d4fc10
2023-12-20 15:24:14 create_ssl_ctx
2023-12-20 15:24:14 create_ssl: 0x7f3b30e3f000
2023-12-20 15:24:14 error in SSL_connect DH lib
2023-12-20 15:24:14 _session_on_destroy
2023-12-20 15:24:14 <== send mail failed, m = 0x15d35fd0 s = 0x15d4fc10
2023-12-20 15:24:34 create session
2023-12-20 15:24:34 resolve notification.fortinet.net to 1 IP
2023-12-20 15:24:34 ==> send mail
2023-12-20 15:24:34 connecting to 208.91.114.151 port 465
2023-12-20 15:24:35 failed to connect
2023-12-20 15:24:35 session_io_event: creating ssl structure for session 0x15d41110
2023-12-20 15:24:35 create_ssl: 0x7f3b30e3f000
2023-12-20 15:24:35 error in SSL_connect DH lib
2023-12-20 15:24:35 _session_on_destroy
2023-12-20 15:24:35 <== send mail failed, m = 0x15d44b50 s = 0x15d41110
2023-12-20 15:24:55 create session
2023-12-20 15:24:55 resolve notification.fortinet.net to 1 IP
2023-12-20 15:24:55 ==> send mail
2023-12-20 15:24:55 connecting to 208.91.114.151 port 465
2023-12-20 15:25:37 failed to connect
2023-12-20 15:25:37 session_io_event: creating ssl structure for session 0x15d4fc10
2023-12-20 15:25:37 create_ssl: 0x7f3b30e3f000
2023-12-20 15:25:37 error in SSL_connect DH lib
2023-12-20 15:25:37 _session_on_destroy
2023-12-20 15:25:37 <== send mail failed, m = 0x15d35fd0 s = 0x15d4fc10
2023-12-20 15:25:57 create session
2023-12-20 15:25:57 resolve notification.fortinet.net to 1 IP
2023-12-20 15:25:57 ==> send mail
2023-12-20 15:25:57 connecting to 208.91.114.151 port 465
2023-12-20 15:25:59 failed to connect
2023-12-20 15:25:59 session_io_event: creating ssl structure for session 0x15d41110
2023-12-20 15:25:59 create_ssl: 0x7f3b30e3f000
2023-12-20 15:25:59 error in SSL_connect DH lib
2023-12-20 15:25:59 _session_on_destroy
2023-12-20 15:25:59 <== send mail failed, m = 0x15d44b50 s = 0x15d41110
2023-12-20 15:26:19 create session
2023-12-20 15:26:19 resolve notification.fortinet.net to 1 IP
2023-12-20 15:26:19 ==> send mail
2023-12-20 15:26:19 connecting to 208.91.114.151 port 465
2023-12-20 15:27:01 failed to connect
2023-12-20 15:27:01 session_io_event: creating ssl structure for session 0x15d4fc10
2023-12-20 15:27:01 create_ssl: 0x7f3b30e3f000
2023-12-20 15:27:01 error in SSL_connect DH lib
2023-12-20 15:27:01 _session_on_destroy
2023-12-20 15:27:01 <== send mail failed, m = 0x15d35fd0 s = 0x15d4fc10
2023-12-20 15:27:21 create session
2023-12-20 15:27:21 resolve notification.fortinet.net to 1 IP
2023-12-20 15:27:21 ==> send mail
2023-12-20 15:27:21 connecting to 208.91.114.151 port 465
2023-12-20 15:27:22 failed to connect
2023-12-20 15:27:22 session_io_event: creating ssl structure for session 0x15d41110
2023-12-20 15:27:22 create_ssl: 0x7f3b30e3f000
2023-12-20 15:27:22 error in SSL_connect DH lib
2023-12-20 15:27:22 _session_on_destroy
2023-12-20 15:27:22 <== send mail failed, m = 0x15d44b50 s = 0x15d41110
==========================================================================
It looks like SSL connection failed.
Please help us to figure out what happen. Thanks a lot.
Hi, I was wondering how setting up an automated process user email address solved the issue? This is interesting - I've never heard of this feature and want to learn more.
Hi @adkins5
You may refer to below guide on how to enable Alert Email
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-alert-email-settings/ta-p...
https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/526019/email-alerts
@natejen issue seems to be related to source-ip they set on email server setting. Which was resolved when they "unset" it (default is 0.0.0.0). Fortigate by default use the IP of the outgoing interface.
There is a possibility that the IP they use do not exist on the Fortigate or the IP is not known to their ISP.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.