inferi
New Contributor

Fortigate doesn't send the alerts

Hi

My FortiGate 200D has some problems sending alert emails.

There are many failures in system events.

inferi_0-1668439432387.png

I already checked the email service configuration and it seems OK. The password is also OK.

inferi_1-1668439504854.png

inferi_2-1668439530439.png

The printer@fjbe.com.pt has SMTP enabled and 2FA deactivated.

This is the result of diag

inferi_3-1668439656705.png

inferi_4-1668439682877.png

distillednetwork
Contributor III

For the printer account, have you set up SMTP AUTH in the Office365 portal? This blog article outlines a setup for Office365. The other item they had differently is that the default reply-to address was the same as the username. You may need to verify permissions in Office365 if that user can send as the is user.

https://aventistech.com/kb/email-alert-with-office-365-in-fortios-6-4/

inferi

I already use that account to send other alerts like backup reports and scanners from our printers

inferi

I changed "Default Reply To" from is@fjbe.com.pt to printer@fjbe.com.pt and activated a trigger to test, but it still does not work.

inferi_0-1668510665127.png

In the past the FortiGate had a problem and couldn't resolve the IP address of smtp.office365.com.

I fixed this problem by changing DNS from the FortiGuard servers to internal DNS, but I can't ping external addresses or IPs. Perhaps this is the reason for not being able to send emails.

inferi_1-1668511560102.png

distillednetwork

Are you using SDWAN? It could be a local-out issue with SDWAN or something upstream that is blocking it.

Cajuntank
Contributor II

Going to offer a possible alternative solution for now or future use. Due to our size and the amount of devices I had that needed to send email (i.e., MFP copiers, various appliances for email alerting, etc.), I set up an internal mail relay (I use my old Barracuda SPAM firewall to do this, but you can utilize whatever is more available to you). I have a VIP to this device and a corresponding egress policy for outbound SMTP traffic only. Office365 has a rule for this public IP and that IP is in my SPF DNS record. I just point my devices to my internal relay host at port 25 and that's all that's needed. Leaving out a lot of steps, but you get the general idea.
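
The SPF part of the relay setup described in the post above can be checked offline; this is an added example, not part of the original thread. The record and the relay address 203.0.113.25 are constructed sample values, and only the ip4/ip6/all mechanisms are evaluated (include and other DNS-based terms are reported, not followed).

```python
import ipaddress

# Constructed sample values: 203.0.113.25 stands in for the relay's public
# (VIP) address; the record is a typical Office 365 SPF record plus that IP.
RELAY_IP = "203.0.113.25"
SPF_RECORD = "v=spf1 include:spf.protection.outlook.com ip4:203.0.113.25 -all"

RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_check(record, sender_ip):
    """Evaluate the ip4/ip6/all mechanisms of an SPF record, left to right.

    Returns (result, skipped). `skipped` lists the terms seen before the
    deciding one that need DNS lookups (include, a, mx, redirect, ...);
    they are reported rather than followed, so the check runs offline.
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none", []
    ip = ipaddress.ip_address(sender_ip)
    skipped = []
    for term in terms[1:]:
        qualifier, mech = ("+", term)
        if term[0] in RESULTS:
            qualifier, mech = term[0], term[1:]
        name, _, value = mech.partition(":")
        name = name.lower()
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(value, strict=False)
            if ip.version == net.version and ip in net:
                return RESULTS[qualifier], skipped
        elif name == "all":
            return RESULTS[qualifier], skipped
        else:
            skipped.append(term)
    return "neutral", skipped  # no mechanism matched and no "all" term


if __name__ == "__main__":
    for addr in (RELAY_IP, "198.51.100.7"):  # second IP: constructed, not listed
        print(addr, spf_check(SPF_RECORD, addr))
```

A "fail" or "softfail" for the relay's egress address means mail sent through it for that domain is likely to be rejected or marked as spam by receivers that enforce SPF.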

inferi
New Contributor

I still do not receive alerts from the FortiGate, but on Saturday I received 3 alert emails.
The timestamp of the emails matches exactly with another error with the wan2 port.

inferi_0-1669023711053.png

Maybe the error is from static routes?

distillednetwork

I suspect an issue with SDWAN and the local-out traffic picking the right interface. What interfaces do you have set up for SDWAN? Do they all provide internet access? Is there only one that is allowed to send emails through O365 by chance?

inferi

This is the SDWAN

inferi_0-1669119933185.png

distillednetwork

Try to see if you are able to ping from each interface:

# exe ping-options source <wan2 IP>
# exe ping smtp.office365.com

# exe ping-options source <ONI>
# exe ping smtp.office365.com

This will source the ping from each interface separately and see if you are able to reach it on one port and not the other.
