Fortinet Community

Unlock Exclusive Benefits

Join Our Community Today!

Join our community and post in the forum to earn your exclusive Spring Badge! Become a member today!

Support Forum
Knowledge Base
Community Groups
Blogs

Support Forum

The Forums are a place to find answers on a range of Fortinet products from peers and product experts.

Fortinet Community
Support Forum
Split Tunnel SSL VPN - netbios forward deny in Loc...

Options

Subscribe to RSS Feed
Mark Topic as New
Mark Topic as Read
Float this Topic for Current User
Bookmark
Subscribe
Mute
Printer Friendly Page

x_member

Contributor

Created on ‎09-28-2015 01:09 AM

Options

Mark as New
Bookmark
Subscribe
Mute
Subscribe to RSS Feed
Permalink
Print
Report Inappropriate Content

Split Tunnel SSL VPN - netbios forward deny in Local Traffic Log - Best Practice?

We have a split-tunnel SSL VPN permitting access to the internal office network; this has been set up for some time and works without issue; users are able to access internal resources and servers as required in their normal way.

Whilst checking logs on another matter I've come across a large number of denied netbios forwards on UDP 137 & 138 from VPN clients. As far as I'm aware these are not new (I went back several weeks in the logs). This discovery raises the question as to whether I should be handling this traffic in a different / better way - should it be allowed?

The fortigate is a 60D running 5.2.3. Clients connect based on authorisation via LDAP and device MAC. All clients are Windows 7 or higher.

2454

0 Kudos

Nominate to Knowledge Base

Nominate a Forum Post for Knowledge Article Creation

Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.

SUBMIT CANCEL

All forum topics
Previous Topic
Next Topic

0 REPLIES 0

Announcements

Check out our Community Chatter Blog! Click here to get involved

Labels

Top Labels

Alphabetical

FortiGate 9,771
FortiClient 1,992
FortiManager 829
5.2 801
FortiAnalyzer 642
5.4 639
FortiSwitch 538
FortiAP 526
FortiClient EMS 500
6.0 416
5.6 362
FortiMail 355
SSL-VPN 324
IPsec 310
6.2 251
FortiNAC 239
FortiAuthenticator v5.5 234
FortiWeb 234
5.0 196
SD-WAN 159
FortiGuard 154
FortiAuthenticator 142
6.4 128
Firewall policy 118
FortiGateCloud 110
FortiSIEM 109
FortiCloud Products 105
FortiToken 99
Wireless Controller 91
Customer Service 84
High Availability 74
FortiGate-VM 72
FortiProxy 72
ZTNA 67
4.0MR3 64
FortiEDR 64
VLAN 64
Fortivoice 63
Routing 61
DNS 61
FortiADC 60
SAML 57
BGP 55
Authentication 54
RADIUS 51
FortiSandbox 50
LDAP 50
Certificate 50
NAT 49
FortiExtender 47
SSO 46
FortiDNS 43
FortiLink 42
FortiGate v5.4 37
VDOM 37
Application control 37
Logging 36
FortiSwitch v6.4 35
Interface 35
FortiConnect 32
FortiWAN 31
Virtual IP 31
Web profile 30
FortiPAM 29
FortiGate v5.2 27
FortiConverter 27
SSL SSH inspection 25
Traffic shaping 24
FortiPortal 23
Static route 23
Fortigate Cloud 22
Automation 22
SSID 21
FortiSwitch v6.2 20
SNMP 20
FortiMonitor 19
WAN optimization 19
API 17
System settings 17
OSPF 16
FortiDDoS 15
Admin 15
Security profile 15
FortiAP profile 15
Web application firewall profile 15
IP address management - IPAM 15
FortiGate v5.0 14
FortiSOAR 14
FortiCASB 14
IPS signature 14
Proxy policy 13
Intrusion prevention 13
FortiManager v4.0 12
Traffic shaping policy 12
Web rating 12
FortiManager v5.0 11
FortiRecorder 11
Explicit proxy 11
FortiWeb v5.0 10
FortiBridge 10
Users 10
Traffic shaping profile 10
Fabric connector 10
Port policy 10
4.0MR2 9
FortiGate v4.0 MR3 9
FortiDeceptor 9
FortiAnalyzer v5.0 9
RMA Information and Announcements 9
DNS filter 9
trunk 9
Fortinet Engage Partner Program 9
FortiCache 8
Antivirus profile 8
4.0 7
Application signature 7
Authentication rule and scheme 7
FortiToken Cloud 6
Packet capture 6
NAC policy 6
VoIP profile 6
FortiCarrier 5
FortiScan 5
FortiTester 5
DLP profile 5
DoS policy 5
Email filter profile 5
Protocol option 5
Cloud Management Security 5
3.6 4
FortiDirector 4
Internet service database 4
DLP sensor 4
Netflow 4
TACACS 4
Replacement messages 4
SDN connector 4
Service 4
Multicast routing 4
Vulnerability Management 4
FortiDB 3
FortiHypervisor 3
Kerberos 3
FortiNDR 3
DLP Dictionary 3
Multicast policy 3
FortiInsight 2
FortiAI 2
Video Filter 2
File filter 2
Schedule 2
Zone 2
FortiEdge Cloud 2
FortiGuest 2
4.0MR1 1
FortiManager-VM 1
FortiCWP 1
Subscription Renewal Policy 1
ICAP profile 1
Virtual wire pair 1
FortiEdge 1

Previous
1 of 17
Next

Top Kudoed Authors

User

Count

2303

1256

772

453

430

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media

Security Research

Threat Research
FortiGuard Labs
Threat Map
Threat Briefs
Ransomware
Getting Started Resources

Company

About Us
Security Fabric
Exec. Mgmt
Careers
Certifications
Events
Industry Awards
Social Responsibility

News & Articles

News Releases
News Articles
Trademarks

Corporate
Community

Terms of Service
Privacy Policy
GDPR
Cookie Settings

You are leaving our website

You are leaving our site and we cannot be held responsible for the content of external websites

Stay Here Continue