Created on 06-29-2010 10:46 AM
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Bill ========== Fortigate 600C 5.0.12, 111C 5.0.2 Logstash 1.4.1
The short answer is no, you can' t use smtp.gmail.com to send alerts because it doesn' t support unencrypted emails, and the Fortigate doesn' t support encrypted emails.It' s no matter of encryption or not; it' s a matter of ports. smtp.googlemail.com uses 465/tcp submission port for the connection., and in your fortigate you cannot use (yet) another port than 25/tcp for email alerts BTW, FTG' s email alerts smtp support authentication for years ago, (picture included)
regards
/ Abel
Created on 06-30-2010 10:12 AM
ORIGINAL: mike0 Actually Abel, you can set the FortiGate alert-email SMTP port to anything via the CLI. See: http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD31861&sliceId=1&docTypeID=DT_KCARTICLE_1_1&dialogID=7528496&stateId=0%200%207526635Indeed, thanks for the link!
regards
/ Abel
Bill ========== Fortigate 600C 5.0.12, 111C 5.0.2 Logstash 1.4.1
In addition to authentication, the Google SMTP server requires TLS encryption when sending. Fortigate doesn' t support TLS when sending email alert messages.Indeed Bill, it seems that the only way to connect to google is starting tls first, independiently of authentication process; there' s no option for talk smtp with no issuing starttls comand first, and FGT doesn' t send starttls command.
[abel@ ~]$ telnet smtp.googlemail.com 587 Trying 74.125.45.16... Connected to smtp.googlemail.com (74.125.45.16). Escape character is ' ^]' . 220 mx.google.com ESMTP b6sm63037707ani.1 ehlo 250-mx.google.com at your service, [xxx.xxx.xxx.xxx] 250-SIZE 35651584 250-8BITMIME 250-STARTTLS 250 ENHANCEDSTATUSCODESregards and my apologies for the misunderstanding.
regards
/ Abel
;; QUESTION SECTION: ;gmail.com. IN MX ;; ANSWER SECTION: gmail.com. 1251 IN MX 40 alt4.gmail-smtp-in.l.google.com. gmail.com. 1251 IN MX 5 gmail-smtp-in.l.google.com. gmail.com. 1251 IN MX 10 alt1.gmail-smtp-in.l.google.com. gmail.com. 1251 IN MX 20 alt2.gmail-smtp-in.l.google.com. gmail.com. 1251 IN MX 30 alt3.gmail-smtp-in.l.google.com.in this case gmail-smtp-in.l.google.com should work fine. [ul]
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1660 | |
1073 | |
752 | |
443 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.